Home Education Web Security – How To Protect Your Website From Hacking

Web Security – How To Protect Your Website From Hacking

How To Protect Your Website From Hacking
How To Protect Your Website From Hacking

Step 1      Keep software up to date

  It may seem obvious, but ensuring you keep all software up to date is vital in keeping your website secure. This applies to both the server operating system and any software you may be running on your website such as a CMS or forum. When website security holes are found in software, hackers are quick to attempt to abuse them. If website is built with open source software like wordpress, joola, prestashop etc. keep the all plugins and modules up to date.

Step 2     Beware Fake error messages    

Be careful with how much information you give away in your error messages.


If you have a login form on your website you should think about the language you use to communicate failure when attempting logins. You should use generic messages like “Incorrect username or password” as not to specify when a user got half of the query right.

If an attacker tries a brute force attack to get a username and password and the error message gives away when one of the fields are correct then the attacker knows he has one of the fields and can concentrate on the other field.

READ ALSO : -  Brute Force Attack-Definition And Security Tips

Stet 3     Create a Backup

Create a manual backup of your website. This is very time consuming method for big website. login to Cpanel via FTP client like Filezila and download all the folder of your website in your PC drive.

Another way to take backup of website, ask your website hosting provider. Most of hosting providers keeps backup all the data till last week. In this way you will only lose the data of maximum one week.

Step 4    Try To Hack Your Website

 Using the first technique described, he can hack the URL query string and cause an error to be displayed. You can do a simple test to hack into your own website via the URL querystring.

All you have to do is type something else directly into the address bar at the end of your querystring. Cross site scripting is when an attacker tries to pass in JavaScript or other scripting code into a web form to attempt to run malicious code for visitors of your site. When creating a form always ensure you check the data being submitted and encode or strip out any HTML. scan your website for vulnerability ans xss 

READ ALSO : -  2 Methods To Check Trusted Platform Module (TPM) Is Installed ?

Step 5  Set Permissions

Set Permissions-tectrick.org
Set Permissions-tectrick.org

On the Linux operating system, permissions are view able as a three digit code where each digit is an integer between 0-7.  The first digit represents permissions for the owner of the file, the second digit represents permissions for anyone assigned to the group that owns the file, and the third digit represents permissions for everyone else.

The assignations work as follows:   4 equals Read 2 equals Write 1 equals Execute 0 equals no permissions for that user As an example, take the permission code “644.”  In this case, a “6” (or “4+2″) in the first position gives the file’s owner the ability to read and write the file.  The “4” in the second and third positions means that both group users and internet users at large can read the file only – protecting the file from unexpected manipulations.

For more details about permissions

Read the following article or see the video for more details in permissions .what is permission and how it works.

READ ALSO : -  2 Methods To Check Trusted Platform Module (TPM) Is Installed ?


Click this link to read how to change permissions 

Video link

What is permission and how to change permission 

To set your file permissions, log in to your cPanel’s File Manager or connect to your server via FTP.  Once inside, you’ll see a list of your existing file permissions (as in the following example generated using the Filezilla FTP program): The final column in this example displays the folder and file permissions currently assigned to the website’s content.  To change these permissions in Filezilla, simply right click the folder or file in question and select the “File permissions” option.  Doing so will launch a screen that allows you to assign different permissions using a series of checkboxes Although your web host’s or FTP program’s backend might look slightly different, the basic process for changing permissions remains the same.  If you have any questions about modifying your folder and file permissions.