Because it seems to make no sense to install software such as antivirus, and because such tools can be very expensive, people simply assume that all the work is done once the site has launched.

Protecting a website or web server requires constant effort, because something is updated every day.

If your site is hacked, it will reflect badly on you, your business or your brand.

There are always some proven steps that are necessary to establish a first line of defense. We have compiled a list of ways, or tips if you prefer, to help you lay the foundation for web security. So how do you protect your site?


Use Open Source Scripts

If you do not know what you are doing or do not have a good team of developers, it is a good idea to use open-source scripts. Open-source scripts such as WordPress, Drupal, Joomla and Magento are multi-functional and are built with the support of thousands of coders who provide updates and support.
This helps you avoid becoming a victim of hackers and spammers because of poorly written code. Rather than building from scratch, you can use existing scripts and modify them to your liking. Commercial scripts from well-known companies may also be used if they release updates and patches regularly.


Update constantly

Whether or not it is convenient, try to keep your platform continuously updated. This will help you avoid errors in the code and will provide additional protection for your site.


Use strong passwords

Use good passwords made up of letters, numbers and special characters. The password must be at least 10 characters in length. There are many good generators that will help you do this, such as KeePass, LastPass and others.


Protect your administrator e-mail

Keep the administrator e-mail address used to log into the database away from the public eye. Use a completely different address on social networks and other contact lists. This will also help you avoid becoming a victim of phishing.


Add a database table prefix


Password protection for databases


It is not a requirement, but it is better to do it than to leave it blank.

Remove the installation folder

After installation it is strongly recommended to remove this folder, because it no longer serves any purpose. It is not used in the operation of the site. If you leave it, a hacker will be able to run the installation again and wipe the database. Delete or rename it, to be on the safe side.



Use a protected FTP connection

If you can, use a protected FTP connection to upload files. It does not give anyone a chance to see what you upload to the web server.

Restrict root access

Restrict access to files in folders that are not used. Only the system administrator should have access.

Make sure you have an .htaccess file

.htaccess files are often used to specify security restrictions for a specific directory. Make sure that the file is there and that you have not deleted it by accident.

Add a robots.txt file

This file gives search engines specific instructions about what may be shown and what may not.
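
The file-related tips above (leftover installation folder, restricted access, .htaccess, robots.txt) can be checked with a short script. This is an added example, not part of the original article; the function name `audit_webroot` and the folder names `install` and `installation` are assumptions, so substitute the name your platform's installer uses.

```shell
#!/bin/sh
# Added example: check a web root against the file-related tips above.
# Assumption: the installer folder is named "install" or "installation";
# substitute the name your platform actually uses.

audit_webroot() {
    root=$1
    AUDIT_FINDINGS=0

    # Leftover installer folder: delete or rename it after installation.
    for d in install installation; do
        if [ -d "$root/$d" ]; then
            echo "FAIL: installer folder still present: $root/$d"
            AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1))
        fi
    done

    # .htaccess and robots.txt must not have been deleted by accident.
    # Note: robots.txt only guides crawlers; it does not restrict access.
    for f in .htaccess robots.txt; do
        if [ ! -f "$root/$f" ]; then
            echo "FAIL: missing file: $root/$f"
            AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1))
        fi
    done

    # Files and folders writable by every local user are not restricted
    # to the administrator. Symlinks are skipped by the -type tests.
    ww=$(find "$root" \( -type f -o -type d \) -perm -0002 -print)
    if [ -n "$ww" ]; then
        echo "FAIL: world-writable paths:"
        echo "$ww" | sed 's/^/  /'
        AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1))
    fi

    echo "$AUDIT_FINDINGS finding(s) in $root"
    [ "$AUDIT_FINDINGS" -eq 0 ]
}

# Run against the path given on the command line, if any.
if [ "$#" -gt 0 ]; then
    audit_webroot "$1"
fi
```

The function returns a non-zero status when anything fails, so it can be run from a scheduled job after every update or deployment.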

Use security plugins

Good platforms always have plug-ins that extend the basic functionality of the script. Look for plug-ins that add an extra level of security and install them. For example, the WP Security Scan plug-in.

About The Author

I am an Ethical Hacker, Penetration Tester, and Security Professional. I am an OWASP International Member. I have previous experience working with big corporations, government and well-funded startups. My company SECUPENT is a multiple award-winning cyber security and outsourcing company. Not only can I save you from known vulnerabilities, I can also protect you from 0day exploits and attacks from 3rd party threats.
