- February 3rd, 2014 2089
We’ve seen a rise in websites account accounts being compromised, hacked and attacked due to many issues which we will be discussing here. Hopefully we can help you protect your website’s contents, protect important documents, files, images and other personal information you may have stored on our servers as well as help keep your account from being suspended.
- If your website does not write to files, does not take uploads etc. Disable write permissions on your website completely.
- If your website does write to files, disable write permissions on your website and use the file manager to set write permissions on only what you need.
- If you are using a commercial or open source available product such as WordPress, Joomla, PHPbb etc. make sure you are always running the latest version. Keep track of new release announcements and keep your website updated. Popular applications are updated frequently so keep an eye out!
- FTP Accounts
- Use FTP over SSL only, set your FTP account to “SSL Only” in the control panel to prevent connections over standard FTP.
- Use only trusted FTP applications and download them from their respective developer’s website. To prevent the application from stealing credentials. Do not use “cracked” or “pirated” applications as they could be insecure.
- Use strong passwords, the password “Mikeftp1” is not a secure password. “9876ui*O-I723_44” is a secure password.
- If you use FTP from locations that have a static IP or an IP address that rarely changes, use our “IP Restrictions” feature in the control panel to prevent access from IP addresses you do not specify.
- Email Accounts
- Use strong passwords, the password “Cindy1988” is not a secure password. “9876ui*O-I723_44” is a secure password.
- Disable the webmail service for your account if you do not use or do not rely on this for email access.
- Disable unneeded services. For example, if you only use IMAP, disable POP.
- Monitor your account closely, if you receive bounce reports or failure notices for emails you do not recognize, change your password immediately and alert our support department.
- Do not use the same password for all email accounts.
- If you can, use only SSL or TLS based connections to send and receive email
We hope this helps you have a better idea about how to secure your website and your account from attacks, spammers, etc. If you have any questions, let us know!
Thank you for choosing ASPnix as your hosting provider!