5 Ways to HackProof Your Website


Unless you’re actually in the business of selling it, how would you like to wake up one morning and find every link on your website pointing to an erectile dysfunction drug? This nightmare scenario actually happened to a website that specializes in online travel guides to cities like Austin, Texas. Before it was all over, MetroSeeker was forced to expend a fortune in man hours to clean up all the links, erase and rebuild their server, upgrade the CMS, and re-think how employees post content. Scared yet? You should be. If you have an online property, consider yourself at risk from hackers. Here are five ways to foil their nefarious intentions. In other words – let’s hack proof your website!

Update That Software

It’s a basic truth of the interwebs. Outdated software and applications are excellent ingress routes for hackers to get into your website and cause all kinds of mischief. It’s SO easy to keep this stuff updated but way too few people do it. The only conclusion we can draw is that you want to be hacked. Or maybe you were dropped on your head as a baby. For the life of us, we can’t figure out why every website owner wouldn’t create a strategy to update software, plugins, themes, etc every single time a new version is released. New releases fix problems with old ones. This is a great way to slam the door right on those damn hackers’ toes.

Create Strong Passwords and Change Them Often

1234 is not a strong password. Neither is ABC or CAT. These odes to simplicity might be easy to remember but you might as well place a call to the local hackers’ union and read your personal data to anyone who answers. Most of us are guilty of this at some level. Who wants the hassle of creating actual strong passwords (8-16 characters using upper and lowercase letters, numbers, and special characters)? And, yes, they should be changed every six months. If you haven’t been introduced yet, get familiar with a password manager. This specialized software helps you create, save, and enter all your passwords, and you’ll only need to remember the master password in order to use it.

One Reason to Use a Good Website Builder

There are actually several reasons to use a good website builder, but the one we’d like to focus on now is the built-in security aspect. Let’s look at this a few different ways. In the first place, the company that supplies the builder has a vested interest in keeping clients’ websites safe from hackers. They don’t want to get the reputation as an easy mark for cyber criminals. There is also an inherent level of security in packages that don’t allow extra plugins which unwittingly introduce malicious code. A do-it-yourself WYSIWYG website solution removes some of the risk involved in trying to secure your own website from scratch.

Register with Google’s Webmaster Tools

Part of the real trouble with being hacked is you don’t always realize it immediately. Once your security is breached, you have a small window of time to correct matters before Google notices problems with your website and puts you on the blacklist, which means you no longer show up in search results. That can be a business killer. By registering with Google’s Webmaster Tools, you indicate to the search engine giant that you’re serious about playing the game the right way. When registered, you’ll get a notification if Google sees anything wrong with your site, affording the opportunity to fix it quickly, hopefully before being blacklisted.

No File Uploads

It’s a good idea to not let anyone upload a file to your website, even for something as innocuous as an avatar. Hackers have been known to hide malicious code in such places. The person uploading might not have a clue that they’re about to infect your website but infected it will be. While you might be seen as something of a killjoy, wear the title proudly and sleep easier at night secure in the belief that you’re doing everything you possibly can to make sure you don’t wake up that terrible morning to realize you’re now advertising for the latest and greatest in male performance enhancers.

The Bottom Line
Today’s jaded internet is a very different place than the wide-eyed innocent newborn that sprang into the public consciousness back in the mid-1990’s. It seems everyone and their pet dog has a website now and most of them haven’t a clue how to protect it. There are lots of people out there proactively trying to introduce you to the latest Trojan horse, ‘bot, scam, virus, worm, ransomware, spyware, adware, or phishing scheme. You need to get serious about stopping them.