Any website that relies upon personal or financial information needs to be able to ensure that their data is immune from hackers or scams. Sites with shared hosting are at the greatest risk for hacking given that changes to one account may have an effect on other accounts. Regardless of the size of your page or the amount of traffic you receive, all it takes is one slip-up for valuable content to be stolen or corrupted.
Remove Unused Information
The biggest rule to follow in information security is not to keep files on your server when you are not using the data. Any time that you no longer need a directory, a record, or a file, copy it to a hard drive and delete all traces of information from your site coding. Any time information slips through the cracks, hackers can go through the website history and find stored data from months or even years ago that you had long forgotten about. Just as a burglar cannot take jewelry when you have none in your house, so are hackers limited by the data available on a page.
Change your email passwords frequently. When we think of hacking we think of someone breaking into the site’s source code, but more often hacking is just someone who got into personal data by using a stored password or putting in an obvious password. Always make your passwords a combination of upper- and lower-case letters, numbers, and symbols. Avoid any chains of numbers that have personal meaning (like birthdays or last digits of social security numbers) and never use any of the same characters in your password as in your email login. Change your email password as many times per year as the number of times you log in to the account each day.
Delete Unused Websites
Once you have finished using a site subdomain, delete it along with all of the links on other pages to it. A typical phishing hack is to access an old script and either uses it to get information or to spam a page. Clean up your page frequently so that there are no entryways into content with expired security. You have to treat all scripts on your webpage as if they could be exploited by a third party because none of them are immune. Even when you have had your scripts tested by a security program there will be ways for bugs or glitches to be ran against the page.
Back Up Information
Always back up information to a hard drive. Even if you are a small page with limited traffic, backing up data on a daily or weekly basis can be a lifesaver in the event of a crash or a virus. Ideally, you should backup data every time that the content on your page changes, whether you are adding or removing information, so that you can quickly and easily start up the page in the event of failure.
While it is crucial to spread your email to customers, partners, and new contacts, always obscure your email if it is put out in public. Spam bots patrol the web looking for emails that they can crack, but no spam bot in the world understands an email that inserts an “at” and “dot” in replacement of the alphanumeric characters. Likewise, set up your email names so that a spammer cannot send out information from your address without knowing its exact name. For example, never use a “support@” or “contact@” email address, instead use a “supporthelp@” or “quickcontact@” so that spammers cannot easily get into the addresses they need to send out mass emails.
Author Bio: William Stevens is a writer who produces content in relation to technology. This article was written to explain certain aspects of Internet security and to encourage further study in this field with a Norwich Masters in Informational Assurance.