How to protect your website from hacking
Protection of a site from breaking - an urgent task for many site owners in our time. Thanks to the huge amount of "Hacking for Dummies" benefits, even those Internet users who previously did not have a case before your site will suddenly want to try their hand and boast of freshly acquired knowledge. What to do to protect your site from hacking?
First, we list the non-programmatic methods of protecting the site from hacking. Surely, you've often heard of them, but perhaps you did not pay attention.
Method 1. Choose complex passwords. Practice shows that even the most nimble programs for selecting a password with a simple search will cope with a password of eight characters in less than a year. The fact is that the combinations of the eight-digit number exist 2х10 12. And the combinations of eight unknown cracker symbols - even more.
Method 2. Do not give access to the site administration panel to unverified people. Otherwise, do not be surprised why the site is hacked. Also, you should not give the right to add HTML-code to everyone, because unscrupulous users can add malicious code to the site.
Method 3. Use the antivirus with fresh bases. As they say, God cares.
Method 4. Do not store passwords in FTP clients. The file containing the password, even if it is encrypted, is a good hacker to steal - just spit.
Method 5. To store passwords, you should use special password managers, if you do not rely on your memory. Password Manager is a special program that allows you to store and organize passwords in an encrypted file. To access the password manager, you need a separate password - a key. By the way, remembering one password is much easier than dozens of different ones, is not it?
Method 6. Do not visit questionable links. No comments.
However, it is not always hacked by the negligence or inattention of the site owner. Sometimes the vulnerability of the site lies in its source code, which professional hackers will quickly find out. If your site is built on the basis of one of the content management systems (CMS), then know that the developers of these systems have already taken care of your security and included in the source code the necessary elements of protection.
If you use ready-made scripts on your site. then always remember that they can be vulnerable. After all, many scripts are written with the participation of several specialists in web programming, and this increases the probability of errors that hackers can use for their attacks in the future. Therefore, it is not superfluous to learn the opinion of the script on specialized forums, for example, antichat.ru. A good indicator of the reliability of the finished script will also be its availability and long work on many other sites.
Especially carefully check the script, which interacts with the database based on user data. If a hacker gets the opportunity to upload to the server with your site some files, then he can do with it whatever he wants.
Unfortunately, when it comes toDDoS attacks. There are no invulnerable sites. DDoS-attack lies in the fact that simultaneously with a large number of computers on your site begins to receive a huge number of requests. The server can not service such a large number of requests and the site stops working. In addition, if the script is very cumbersome, then "suspend" the site can not even be very large number of requests.