• Wednesday, January 8, 2014

Keeping your site safe and secure is paramount to us. To that end, we have the very best security policies in place to keep our server secure, thereby protecting your sites from hacks at the server level. However, to ensure that your site is completely safe, you would also have to take some actions yourself.

As an illustration, imagine you have a bank account with Bank ABC and also have an ATM card for this account. While the bank would definitely have all the necessary security measures to protect your account, you would be expected to keep your ATM card and PIN safe at all times. If a third party gains access to your ATM card and PIN, there really isn't much the bank can do to protect your money and your account. The same applies to your site. While we have security measures to protect your site and files, you would also need to ensure that your application is safe and secure at all times.

Below are some of the ways you can better secure your account.

  • Ensure that you only use strong passwords for all your logins. Using your username, date of birth or any word from a dictionary makes it easier for hackers to guess your password. You may visit http://strongpasswordgenerator.com/ or other similar sites to generate very strong passwords.
  • Ensure that installed applications such as WordPress, Joomla, etc. are kept updated at all times. Outdated applications usually have security loopholes that hackers may take advantage of. Most applications have You may visit http://codex.wordpress.org/Updating_WordPress and http://docs.joomla.org/Upgrading_from_an_existing_version to learn how to update WordPress and Joomla respectively.
  • Ensure that your plugins/extensions/modules are always updated. Don't use any such add-on that you did not download from an official source.
  • Ensure that all scripts you have written use the latest methods so that they cannot be easily taken advantage of.
  • Never use admin as the username for your super admin. Doing so makes an attack a lot easier, as hackers then only need to guess your password.
  • If your admin login is in a directory, you may consider password protecting that directory to add an extra layer of security. You may visit http://docs.cpanel.net/twiki/bin/view/AllDocumentation/CpanelDocs/PasswordProtectDirectories to learn how to accomplish this on cPanel. If you use WordPress, you may visit http://www.whogohost.com/host/announcements/27/Brute-Force-Attack-on-WordPress-sites.html to learn how to password protect your login page.
  • Only use devices with updated antivirus applications to log in to your site. Malware-infected systems may send all your logins to an unknown attacker at a remote location.
  • Never access your site using public Internet connections such as cyber cafes, free wireless connections, etc. There may be a middle man on the network intercepting your communication and stealing all your login details.
  • Purchase an SSL certificate for your site from http://www.whogohost.com/ssl.php. This would enable you to log in to your admin section via https, thereby encrypting all communications between your browser and the server.
  • Never give your login details to a third party. If you have, change them immediately. You may visit http://www.whogohost.com/host/knowledgebase/36/How-to-change-your-cpanel-password.html to learn how to change your cPanel password.
  • Keep local backups of your site regularly. We do run weekly backups but this may not be sufficient for you. You may accomplish this using the BackUp facility of cPanel or using plugins/extensions/modules that your application of choice may have.
  • Additionally, you may follow the steps on http://codex.wordpress.org/Hardening_WordPress and http://www.siteground.com/tutorials/joomla/joomla-security.htm to learn how to better protect your WordPress and Joomla sites.
  • Purchase SiteLock to help proactively secure your hosting account. You may visit https://www.whogohost.com/security/sitelock.php for more details.

Following these and other relevant security steps would help keep hackers away. Send a mail to support@whogohost.com if you have any inquiries about any of these points.