Is your website secure & cannot be hacked?

We get our website developed or develop ourselves. But how much importance we give to our website content and Database Security? Can we say it is 100% secured and cannot be hacked ? Based on our research, more than 50 % of live websites does not have even basic security steps implemented.

We hereby sharing some steps which help to keep website Secure and Safe:

Steps should be taken on Website Level :

1. Password : We should keep password with combination of letter, number and special character. It helps website from brute force attack. You can also use online password generators available. Never think of password which is easy to understand. If it is easy for you than it is very easy for Hackers.

2. Plugins : As we know, today’s time is of Legacy Development. It should be speedy. We use readily available Plugins to achieve fast and quality results which is completely fine. However, never buy or download plugin from untrusted sources. Always check the source from where you are getting Plugins and their market reputation.

3. Antivirus : Keep the development system virus protected and updated. Again always purchase and download Antivirus from trusted source.

4. Make sure MySql installation secure with Privilege and DB table does not begin with wp_ if you are using WordPress CMS.

5. When you connect to Server use SFTP encryption. SFTP is the same as FTP, except your password and other data is encrypted when you transfer the data between you computer and server.

6. Give proper file permission on your server. In case of WordPress, it should be :

For Directories:
find /path/to/your/WordPress/install/ -type d -exec chmod 755 {} ;

For Files:
find /path/to/your/WordPress/install/ -type f -exec chmod 644 {} ;

7. Make sure to Disable PHP file editing on in WordPress dashboard.
define(‘DISALLOW_FILE_EDIT’, true);

8. And always make security rules in .htaccess file

As we prefer WordPress CMS to work, we would like to recommend some WordPress Plugins to harden the website.
https://wordpress.org/plugins/better-wp-security/

https://wordpress.org/plugins/wordfence/

https://wordpress.org/plugins/simple-login-log/

Aforementioned was some measures to be taken care at website level. Let me share some server level security recommendations as well :

1. Select the Web host provider who provide most stable versions of all the server software.
2. Should have option to enable Server level firewall.
3. First and very important point, always backup your database before make any changes.

Some recommended paid plugins are :
vaultpress https://vaultpress.com/
codeguard https://www.codeguard.com

Keep your Data Secure and Safe.. Please share your thoughts to add more to these points.

Happy reading !

Warm Regards,
BrahmaSys Family
www.brahmasys.com