Hacking incidents are rampant these days, and have we, your preferred web host done enough to protect you from malicious attacks? Exabytes understands that data privacy and security are of utmost importance to any organization or individual, and is always upgrading to strengthen our level of security and protection to protect our clients. However, cooperation of our clients also plays an important role in achieving this important goal.
Website Security for hosting is basically divided into 4 main layers:
1) Network Layers (Taken care by your web host Exabytes)
- We have segmented our networks, and are using multiple redundant service providers.
- We monitor our network traffic 24×7.
- Network Firewalls
2) Server Layers (Taken care by your web host Exabytes)
- We have hardened our servers, and keep our servers’ operating system and software up to date.
- We also monitor our servers closely for any abnormal traffic.
- Firewalls in front of the server layers
3) Web Application Layers (Need Clients’ Cooperation)
This is the open source or custom web applications users installed on their hosting accounts.
- Users need to ensure that the softwares installed are up-to-date and patched accordingly.
- Users must ensure their web folders are not exposed to “public write-able”.
- If users are using open source Content Management System like Joomla, Drupal, WordPress, etc, make sure they are running the latest versions.
- Disable unused plugins / software for their websites. Or update from time to time.
4) Users Layers (Need Clients’ Attention)
- Make sure the notebook/PC used by users or even local office server is free from virus/Trojans.
- Use a secure password. A secure password is made up of a combination of alphabets, numbers and special characters and has at least 8 characters the minimum.
- Make sure your passwords are changed at least once every 3 months.
- And most importantly, make sure your passwords are stored in a secure place. Do not save your passwords in Address Book or Excel File. They must be stored in a Password Manager where they are encrypted.
- All the above apply for all your passwords including passwords for your hosting control panel, domain name manager, FTP, mailboxes, content management system and user name for other online portals.
Each year, hacking attacks caused many organizations and individuals great losses and huge amounts of money. By putting in a little more effort to enhance your site security, you too can prevent these unlawful malicious attacks!