11 useful tips that can save you from getting “Hacked”….

website security

With each passing day there is news of the leak of information over the Internet whether it is email IDS, passwords, pictures of celebrities, credit card information or classified government data. The hackers have almost democratized the Internet. But you may as well think your mediocre website might not attract such evil eyes. But irrespective of what your site has to offer, you must realise it is raw data nevertheless. Stealing static data falls within the realms of cyber crime and could well be injurious to you and your thriving business. So it is quite necessary that you make sure all data are safe. Among the preventive measures you may consider the following:

• Prevent Malware viruses from being uploaded to your site

• Reassure website visitors so that your website is safe

• Protect your website from getting hacked and exposing important data

• Prevent phishing emails from being sent through your website

• Get a better rank in search engines like Google

There is nothing more terrifying than seeing your work in the wrong hands or entirely wiped out by the some cyber goons. You have worked really hard making a website, so take some time to protect it as well rather than contemplating on what you could have done, after all are lost. Here are top 3 security tips to keep your website safe:

There tends to be a lot of speculations, mostly useless, regarding affiliate marketing. This leads to a lot of confusion and makes it a tad bit difficult for common people to figure out the “dos and don’ts” for a successful endeavour. That is why we are laying out these golden rules which might give you some direction to work with.

1. Keep up to date

In order to keep your site secure, keep all your software up to date. It applies to the server operating system and any software that is running on the website like forum or CMS. Hackers get a golden chance to abuse or misuse it, if security loopholes are found in software. You don’t have to apply any security updates if you use a managed hosting solution, the hosting company will take care of it.

2. Install security plugins

Enhance the website security with plugins after you have updated everything. It prevents against hacking attempts. Use purchased or highly recommended softwares to guard your site. If you are running HTML pages or a CMS managed site have a look at SiteLock. It helps to close site security loopholes. It provides daily monitoring starting from vulnerability identification, malware detection to active virus scanning.

3. Make passwords secure

We all know that we should use complex passwords, but we don’t do that always. Try to use strong and long passwords for your website admin area and server. For example, make a password which has numbers, letters and special characters. It is also important to have good password practices for the users in order to protect their accounts. 4. SQL queries

SQL injection can be used for many purposes. SQL query gets populated when the data is being used from a submitted form of a URL variable, then it can be used for the purpose of SQL injection. If you use SQL, it is easy to insert rogue code unknowingly into the query which can be used to get information, delete data and change tables. You can prevent an SQL injection attack easily by using parameterised queries.

5. Install SSL

An encrypted SSL protocol is used to transfer personal information of the users between the database and website. If you install an SSL certificate, it will give your website a massive security boost. If the hackers try to eavesdrop on the encrypted connection, he will only see garbled text which will be of no use. Investing on installing SSL for your website is important to protect personal information.

6. Install WAF

WAF (web application firewall) can be hardware or software based. The modern WAFs are cloud based and provide plug and play service. It sets between the data connection and website and reads everything passing through it. Once you install WAF, it will give you a complete peace of mind. It will block all hacking attempts and will also filter out other types of unwanted traffic such as malicious bots and spammers.


HTTPS (Hyper Text Transfer Protocol Secure) is a protocol which transfers important information between a web server and a website. If your users want something to be confidential, it’s good to use HTTPS. Adding the protocol to this protocol means you are adding an encryption SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to HTTP and to have extra security for the user’s data.

8. Admin page

You obviously don’t want the admin page to be indexed by search engines so it is suggested to use robot_txt file to prevent search engines from listing them. It is difficult for the hackers to find, if they are not indexed.

9. Install security applications

Install security applications to make life difficult for the hackers. Some free plugins like Acunetix WP security can provide a level of protection by hiding the identity of website’s CMS. It will make you resilient against automated hacking tools. But it is always prescribed to use paid versions.

10. User access

It is beneficial to those who have multiple logins. Every user should have appropriate permission to do the job. If they need escalated permissions momentarily, just grant it, but reduce it once they are done. It is known as Least Privileged. You can keep an eye on the user’s behaviour, if you separate user accounts for every user, by reviewing logs and usual behaviour.

11. Error messages

Error messages allow the users to know why they can’t login. The hackers use the information to perform a more calculated attack on your website. Error messages like incorrect password or incorrect username will let the attacker know half of the username or password combination right. But a message like “incorrect password or username” will not give any extra and helpful information.

An attack on your website doesn’t only lead to compromise all the data of users and information, but Google and other search providers can also blacklist your site as your site for spreading malicious content throughout the web.