website creationweb promotionwebsite developmentweb designSEOInternet Adweb studio

WebStudio2U - bright solutions
website development
webdesign
website development
website promotion
site optimization (SEO)
contextual advertising
copywriting
maintenance
hosting
web studio services
webdesign articles
webdesign news
questions and answers
about web studio
portfolio
prices
Укр Рус Eng
Webdesign studio WebStudio2U Authorization Write a letter Sitemap

Web development. How to protect your website against hacking?

Protection of a website against hacking is an urgent issue for many site owners these days. Thanks to the emergence of a great number of manuals kind of “Hacking for dummies” even those Internet users who did not care about your website at all will suddenly want to try their hand at hacking and boast of the newly gained knowledge. What should you do in order to protect your website against hacking?

First of all let us enumerate the non-software methods that you can use to protect your website against hacking. We are sure that you have heard about some of them – you just didn't pay attention to these methods.

Method 1. Choose strong (complicated) passwords. The practice shows that even the fastest program for password cracking that uses the method of brute-force cracking will need almost a year to crack a password that consists of eight characters. The matter is that there are 2х1012 combinations of an eight-digit number, and there exist even more combinations of eight characters that are unknown to the hacker.

Method 2. Do not grant administration panel access rights to the people whom you don't trust. Otherwise do not wonder why the site has been hacked. You also shouldn't grant the rights for adding the HTML code to everyone who wishes because unprincipled users may add malicious code to your website.

Method 3. In order to protect your website against hacking use anti-virus software with the newest signatures. As they say, God helps those who help themselves.

Method 4. Do not save passwords in FTP clients. It is a piece of cake for a good hacker to stole a file that contains the password (even if the password is encrypted).

Method 5. If you do not want to rely on your memory and need to store your passwords somewhere you had better use special password managers. A password manager is a special software application that allow to store and arrange passwords in an encrypted file. To assess the password manager you need a separate password – a key. By the way, it is much easier to memorize one password than a dozen of different passwords, isn't it?

Method 6. Do not click on dubious links. No comments.

However, carelessness and inattentiveness of the site owner are not the only reason for website hacking. Sometimes the vulnerability of a website in concealed in its source code. Professional hackers will find this vulnerability very quickly. If your site has been developed on the basis of a content management system (CMS) you should know that the developers of these systems have already taken care of your security and includes necessary protection elements into the source code of the CMS.

If you used ready-made scripts during development of your site you should always keep in mind that they might be vulnerable. Many scripts are written with the assistance of several web development specialists. This increases the probability of emergence of errors that in future might be used by hackers for their attacks. Therefore to protect your website against hacking it will be quite reasonable to read different reviews and responses concerning a certain script on specialized forums for webmasters. A good evidence of reliability of a ready-made script is its presence and stable functioning on many other websites.

If you write scripts for your site yourself you must pay proper attention to their security. For instance, scripts that are responsible for sending and receiving information from HTML forms (it concerns both POST and GET request methods) should always filter the data entered by the user. If you don't make provision for this option a hacker may send a malicious JavaScript code via the HTML form. Thus the hacker will be able to access your cookies or make the page inoperative. This kind of attack is called XSS exploit (XSS refers to cross-site scripting).

You should pay special attention to the scripts that interact with the database on the basis of the user's personal information. If the hacker obtains an opportunity to upload files to the server he will be able to do everything he wants with your site.

Unfortunately when the matter concerns DDoS attacks there are no invulnerable sites. A DDoS (distributed denial of service) attack occurs when a great number of computers begin to send a huge number of requests to your site simultaneously. The server cannot respond to such number of requests, and the site ceases functioning. Besides, if the script is very complicated it is possible to “make the site hang” even by a comparatively small number of requests. Thus it is almost impossible to protect your website against a DDoS attack.

How to protect your website against hacking?
TAGS
protect your website, how to protect your website, site hacking, site protection, ddos attack, password, hacker, password cracking, brute-force cracking
  		 
 
WebStudio2U web programming Web development. How to protect your website against hacking?
 
 
web programmingwebsite designredesigncopywriting
 

© 2009 Website development and website promotion by WebStudio2U.
Call now: +38 (096) 90 46 999, +38 (095) 90 46 999, +38 (0542) 659071
Reprinting of content prohibited.