Web Security

Things which can protect your system from intruders  

    
  1.  Keep platform up-to-date:

It is one of best things that you can do to protect your website from intruders, you just have to make sure that installed platforms scripts are up-to-date. It is found that many of these tools are created as open-source software programs, so their code is easily available to black hat hackers. This code can be used for both in good intention by developers as well as bad intention by hackers. Developers will resolve the bugs and hackers will look for any security loopholes which will allow them to exploit the platform or any script.

For an example, if anyone is running a website on WordPress, then the WordPress installation and plugins which are installed may be potentially vulnerable to attacks. Just make sure that you are using the newest version of platform and scripts, which will help minimizing the risk.

     2.  Installation of security plugins:

Once your platform and scripts are up-to-date, you can go for installing security plugins to increase the security and prevent hacking. Following are the list of security plugins which are free.

a)  WordFence b)  BulletProof Security c)  Sucuri Security d)  iThemes Security (formerly Better WP Security) e)  Acunetix WP SecurityScan f)   All In One WP Security & Firewall g)  6Scan Security h)  Better WP Security

This plugins will address the weakness and threats which could be harmful for your website.

The other thing if your website is running on web content management system or HTML based pages, then should go for SiteLock. SiteLock closes the security loopholes by providing daily monitoring, detection of malware, vulnerability identification, virus scanning etc. SiteLock is worth considering if you have a high investment.  

3.  Setup your directory and file permission  
All the websites can be classified into files and folders which are on your web hosting account. With considering all the scripts and data you need to make your website work, all the files and folders have given a set permissions which control who can read, write and execute. On Linux based operating system, all the permissions are represented in 3 digit code where each digit is an integer between 0-7. The first digit is a representation of permissions which are assigned to an owner of a file, the second digit is a representation of permissions which are assigned to anyone in group who owns the file, and the third digit is representation of permissions which are assigned for everyone else. 

4 is for Read 
2 is for Write 
1 is for Execute
0 is for no permissions

A good rule of thumb is to set your permissions as follows: 
a.  Folders and Directories = 755
b.  Individual files = 644

To set file permissions, right click on your file and go to “File Permissions”. 

4.  Check if SFTP is available 
FTP is File transfer Protocol which is used for uploading files to your web hosting server or cPanel account. SFTP is secure file transfer protocol which is more secured as it has a secure layer of protection. This provide encryption of data and prevent files form modifying. 

5.  Firewall 
A good firewall should be there to prevent an unauthorized access to your web server. This will protect your cPanel hackers as this your first line of defense. 

6.  Install Anti-Virus 
As your web server is on Internet, and Internet is prone to virus infection therefore you must install antivirus in your Cpanel. The most popular anti-virus used for is cpanel is ClamAv. It will scans directories and email for malicious files and it is an open source application. 

7.  Install Rootkit Scanner 
It is a malicious program that can gain access to your web server without getting noticed. It cannot be detected by an anti-virus software. That’s why the reason the scanner must be installed to protect your system.