Hackers
If you wake up in the morning and open your site and you do not see you home page but instead you will see a black page
says: the site has been hacked by Mr Blah Blah Blah. You ill get really annoyed , it happened to me and it made me so angry
i ill give you some tips on securing your website and you server if you have one, so it will be difficult for the hacker’s to play with your site.
1. Always update whatever Applications you have in your site, for example a forum script or a blog or even a contact form hackers always search for exploits in the famous scripts so they can search for infected sites and hack them, so updating your site scripts will make sure you are on the safe side
2. Avoid giving 777 permission to folders in you site, always search for alternative but try hard not to use 777 folder permission hackers just love the sites who uses this permission alot in their websites, 777 means anyone can write/upload anything to this folder.
3. Change your passwords frequently , make your passwords hard to guess, don’t use the same password for everything .
4. If you are using cPanel you can do a virus scan for your website from the cpanel menu, if you are not a cpanel users, you can download a backup of your site to your desktop and scan it with your own anti virus program, this will make sure that your site is backdoor and virus FREE
5. delete unused files from your website , if you installed a software and then you didn’t like it , you should delete it immediately , don’t be lazy .
6. Protect admin area of your scritps (applications) with username and password, you can do that from cpanel also ( Password Protect Directory ) or you can do it by adding this code to .htaccess file in your root folder
AuthUserFile /usr/local/you/safedir/.htpasswd AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require user wsabstract
7. Don’t install software (scripts) from unknown sources, and avoid installing a scripts that are encoded for example PHP zend encoded or ioncube encoded files because you can’t see what is inside , and thus you can’t make sure if it has no evil code inside .
8. Always buy original software don’t use nulled/cracked version, they are just unreliable and untrusted
9. If you have your on Dedicated server or VPS (Virtual Private Server) you should disable some PHP functions to help protect from hacker’s shell/backdoor files. Here are list of function that should be disabled:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
10. always do update to your Dedicated server or your VPS.
Hope these info was useful to you.