Hackers

[Jillie Norman]

Hi.  Our site has been hacked several times and we have been finding ways to prevent this.  What do you do to keep away these internal and external hackers?  I hope you could share your practices.  Thanks for your time.

 

[KittenKong]

Internal hackers are very hard to prevent. Employ happier staff.

 

External hacking rather depends on what architecture you are using to power your website. If it is something like Wordpress then you need to do all the updates as soon as they are released: this is generally automatic these days. You should also regularly update any plug-ins and themes that you use.

 

And on top of that you should install one of the various security plug-ins that are available for WP, and follow its suggestions. Obvious ones are deleting the default admin account and creating another one with a different name, using strong passwords, masking the admin login URL, not using displayed author names as logins etc.

The security plug-in should check that your file and folder permissions are correct, and you may want to install a specialised htaccess security plug-in also.

 

On the server side, make sure that you are using recent versions of PHP and MySQL. Your hosting provider should advise about this as what you can use depends on them.

[Kabula]

Simple...discard all electronic devices.

 

For privacy go off the grid to an uninhabited island and live under a jungle canopy to avoid the spy satellites and night vision capabilities.

 

If you find the perfect relocation, let me know, I will join you with 4 ladies.

 

We must have backup, a knife, a saw, an ax and two fishing poles with fishing gear. 

 

[dotpoom]

Might have been helpful to those you are asking help from if you had shared what you have discovered so far that works for you...just an observation. 

[Jillie Norman]

Thank you, guys! Does anyone use a password management software? Coz most of the people I know is already using this to avoid hackers and spammers and they say it works.

[Srikcir]

If possible keep file folders in an external storage device.

Use data masking.

Train employees not to click on unfamiliar or suspicious emails and web sites.

Keep antivirus up to date

Keep OS up to date

Backup drives

[impulse]

Spam OP followed up by a link to the perfect paid solution.

 

Didn't see that coming...

 

[RichCor]

3 hours ago, Jillie Norman said:

Thank you, guys! Does anyone use a *direct link edited out*? Coz most of the people I know is already using this to avoid hackers and spammers and they say it works.

Me thinks you don't understand how spamming and hacking works.

 

Spam is delivered via email and websites -- or where-ever else additional info can be pushed to you. Your device can also be remotely modified so it actually fetches and delivers them independently.

 

Hacking is where unauthorized 3rd parties make changes to your system. This can be done if they have direct access to your device, or by utilizing known vulnerabilities and exploits to gain access to modify and potentially gain partial or full control over the device.

 

Nothing to do with your passwords.  Those just happen to be the unguarded pot-of-gold some hackers seek.

Edited June 1, 2017 by Scott
Direct link edited out