• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

5 tips to protect your company website from attacks

March 7, 2016 by Secure360 and UMSA

tips for website security

Copyright: Pixabay

You likely don’t leave the door to your home unlocked when your family is not there—thieves are more likely to steal from a home that is unlocked. In the same way, leaving your website unlocked and unprotected is like leaving an open door for hackers to steal valuable customer or company data. A breach can have damaging effects on a businesses reputation that are hard to undo, but there are steps to take in advance to prevent attacks on your company website.

1. Keep platforms and scripts up to date

One of the best and easiest steps you can take to protect your website is to make sure any platforms or scripts that have been installed are up to date. Many of these tools are created as open-source software programs, which means their code is easily available—both to good-intentioned developers and malicious hackers. Cybercriminals can find security loopholes that allow them to take control of your website by exploiting any platform or script weaknesses. To enhance the security of your website once your platform and scripts are up to date, look into and install security plugins that actively prevent against hacking attempts.

2. Tighten admin controls

The admin level of your website provides easy access into all data and information that you likely do not want hackers to have access to. It is important to keep tight admin controls and access by enforcing user names and passwords that cannot be easily guessed, changing the default database prefix from “wp6” to something more difficult to guess and limiting the number of login attempts within a period of time. Reset passwords occasionally and never send login details by email, as e-mail accounts can be easily hacked.

3. Consider installing a firewall

A web application firewall will sit between your website server and the data connection and reads data and traffic passing through it. Typically firewalls block all hacking attempts and also filter out other types of unwanted traffic, like spam and malicious bots. Firewalls have been, and should continue to be, an integral part of multi-layered defenses for both business and personal security alike.

4. Limit file uploads

Regardless of how thoroughly your system check out files before uploading to your website, bugs can still get through, allowing hackers access into your files and system. The best solution is to prevent direct access to any uploaded files. Store them outside the root directory and use a script to access them when necessary. Your web host will probably help you to set this up.

5. Stay informed on threats

In order to protect yourself from threats, it is important to stay informed and educated on what kind of cyber attacks are currently threatening the industry. Cyber threats are on the rise and new methods of attack seem to arise daily. Here are a few of the biggest threats predicted for this year.

Has your company website been hacked in the past? What other tips would you recommend to businesses working to keep their website secure from hackers? Comment below with your thoughts.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: New post alert! Learn more about our awesome 2022 @UMSAOrg #scholarship winners https://t.co/C8VnqX3wWW
    about 9 hours ago

  2. Secure360 Conference
    Secure360 Conference: With so much fun had this year, we're eager for next year! Mark your calendars for May 9-10, 2023 back at Mystic La… https://t.co/Cbk0abnNSO
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: With #Sec360 2022 officially in the books, we wanted to share a little recap of the fun! https://t.co/iMPwAp1Kac … https://t.co/kk7xRUXoRo
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.