How to be a proactive shared hosting customer
So, what can you do to be proactive as a shared hosting customer? In a nutshell, being a proactive shared hosting customer involves securing your website against malicious attacks. And it’s pretty easy to do.
Let’s start by asking ourselves a few questions:
- Am I using a Content Management System (CMS)?
- Is an SSL Certificate installed?
- Are my passwords strong enough?
- Can users input information into my website (contact forms, login forms, search bars etc.)?
- What are my website’s file permissions?
Am I using a Content Management Systems (CMS)?
Common CMS platforms include WordPress, Joomla, Drupal, Magento etc. There’s a LOT of them available, and WordPress is the most popular with over 30% of websites using it.
The most important part of maintaing a secure CMS installation is to keep it up to date. It is vital to update the core CMS, themes and plugins as soon as an update is released.
These updates usually close any security holes which have been discovered, so apply them as soon as they’re released.
Is an SSL Certificate installed?
SSL certificates secure the transfer of data, like account details, passwords and payment information.
Gone are the days when SSL was only necessary for bank or ecommerce websites. Nowadays, it’s important to have an SSL certificate installed for all websites.
Basically an SSL certificate protects you and your users from electronic eavesdroppers and keeps your data safe.
Are my passwords strong enough?
The most common password used today is still 123456 and it is the first password a hacker will try when attempting to access your account.
So create a tough password which is hard to guess. Better yet, use a password generator and keep that password in a safe place.
Don’t use the same password for everything either. Once one account is compromised, all other accounts will become compromised.
Where possible, use 2-factor authentication. This additional layer of security will further protect your accounts.
Can users input information into my website?
Most websites allow for user input in some form or another. Whether it is a contact form, newsletter subscription or log in form, these forms are susceptible to malicious intent.
What do I mean by malicious intent? Malicious users have the ability to inject code into your forms and can change or steal information. This is known as SQL injection.
Here are a few articles you can read to secure your forms from these kinds of attacks.
What are my website’s file permissions?
Your website files and folders will have certain permissions which allow users, groups or everyone to read, write or execute them.
For instance, you might hear someone talking about giving a file permissions of 777. This is a very bad idea as it allows all users, groups and everyone the ability to read, write and execute the file. This means EVERYONE can change the file.
Understanding these numbers and how to use them is not covered in this article, however, I encourage you to read up on it further.
You can be a proactive shared hosting customer by keeping your CMS up to date, using an SSL certificate, using strong passwords, protecting your forms and ensure the correct file permissions are used.