Today’s blog will provide some tips on “how to scan your website for security vulnerabilities”
If you own a website / business you must protect your image and business reputation by securing your website correctly. Many website owners think design first and security / proper infrastructure last. I believe you need to build your foundation first, backup plan second, and beautiful design as you go.
Many people ask, “why would someone want to hack my website?”
Simple… Money and Exposure – Listed below are some hacker tactics to be aware of:
- Website Defacement – an attack on a website that changes the visual appearance of your site or web page. These are typically the work of deface-hackers who break into a web server and replace the hosted website with one of their own. Website Defacement is commonly known as a type of virtual graffiti / vandalism of your website.
- Ransomware – Hackers install malicious software to prevent you from accessing your website. The only way to unblock your website, is to pay the hacker’s fee. Also, in many cases the victim will pay the hacker, just to find their website is still locked! Ransomware, indicates why it’s so important to have proper backups for your website.
- Email Spam – Compromised websites can be used to send email spam, and in many cases the site owner may not even be aware. Hackers will use the email spam to spoof your followers / customers into providing personal information, such as credit card numbers.
- Hacking with Political Motive – Some vigilante groups are trying to raise awareness about political issues and or create chaos. Therefore the hacker(s) will utilize your website as a messaging platform to spread their word. This is another form of vandalism on your website.
- Storing Illegal Files – Hackers store millions of files like shareware, pirated movies, programs, etc. that tend to take up increased website disk space. When these files run on your server, they tend to decrease your website speed. If your website is discovered with the illegal files, it can be suspended and blacklisted by Google as well.
After noticing some of my website vulnerabilities, “how can i protect my website?”
- Implement a Firewall and Antiviral Application / Keep Them Updated – If you have a WordPress website, you can download Firewall Plugins: such as – Sucuri, Cloudflare, SiteLock, Wordfense Security, BulletProof Security.
- Use Current Versions of your Website Theme – Ensure you and/or your Managed Service Company is monitoring your website for plugin updates on a daily, and weekly basis.
- Secure How you Log Into Your Website “Back-end” – Create a secure login technique, such as two-step authentication process.
- Secure your Website with HTTPS – Hypertext Transfer Protocol Secure is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site. Users expect a secure and private online experience when using a website. I encourage you to invest in HTTPS / SSL Certificate for your website as well.
- Monitor Login Attempts – Have a notification system configured that alerts you with website updates / who is accessing your website, and from where?
In closing, Remember to keep your site safe.. and INNOVATE!
Investigate new security tactics for your website. Technology is an ever-growing platform, which will continue to change – yearly, monthly or even daily. If you’re unfamiliar with website security, you can always outsource the service with a Managed Service Provider such as, SecurityRI.com. We would gladly observe / audit your website at zero charge. For additional information, you may contact me at any time or email [email protected],