How to Protect Your Website From Hackers and Cyberthugs

Published July 31, 2010
 
In a perfect world, you’d be able to mind your own business and cheerfully run a successful online business without being harassed by “cyberthugs.” However, until that perfect world comes, you’ll need to slap great big KEEP OUT sign on your website. This means creating security settings which will disallow access to sensitive data and controls. This article will show you how to take these simple steps and keep your website safe from hackers.

The Most Common Site Attacks

Unless you’re the FBI, the IRS or the CIA or someone else with a sensitive high profile organization, you won’t be getting targeted by sophisticated hackers. However, there are plenty of amateur hackers who create automated scripts to penetrate people’s web security and deface their website.

As you can imagine, fixing the damage done by these “script kiddies” can be time consuming and all the while, you could be losing business and credibility. Let’s look at a few simple things you can do to keep these types of hackers from accessing your site.

Simple Site Security Measures

When you monitor the logs of your website, you’ll find that hack attempts typically come from the user-agent “libwww-perl. These user-agents attempt to access pages (URLs) on your site for the sake of injecting code or uploading files into your site. Once these scripts (often called “botnet” scripts) are injected or uploaded, they can wreak havoc on your website and disable many of your interactive functions such as server side programs.

These types of hacks can be prevented by simple blocking access from libwww-perl user-agents and URLS which include the command “=http:” “=http:” is a common code which is used by who hackers attempting to access your site and connect it to another site which contains the malicious script or software. For example:

http://www.example.com/page.php?id1=http://www.strangersite.com/id.txt?

This can be prevented by adding a code to your .htaccess file which disallows libwww-perl user-agents from accessing your site:

RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)=http [NC]

RewriteRule ^(.*)$ – [F,L]

In addition to blocking access from potentially harmful agents, you’ll want to block the directory browsing on your website. When directory browsing is enabled, users can access directories/folders which contain your files, this means your web pages, your CSS files and any files which are uploaded to your server. You can block directory browsing on your site using the following steps:

  • Click on the “index manager” option from your CNC panel.
  • Click on the directory/folder on which you wish to disable browsing.
  • Select the “no index” option and save your settings.
Once you’ve completed this, you can double check the blocked settings by typing the directory URL into your browser. Repeat this set of steps for every directory which  you wish to block directory browsing on, which (with very few exceptions) would be all of your directories.

Other Security Precautions to Consider

In addition to blocking directory browsing and libwww-perl access, have your web programmer change any scripts using the GET command and have them replace that command with the POST instead. Without getting into the VERY detailed explanation of the difference, the GET command is much less secure than POST and there’s really no difference in the options provided by either.

Also, before you change any of your file permissions to 777 (read/write/execute) be sure that you a specific reason for doing so. Most of the time, it’s better for you to leave these changes to your web programmer. If you purchase a piece of server side software which requires you to change file permissions to 777, be sure that you thoroughly research it on all the major search engines before using it and to proceed with caution.

If you require the assistance of a web programmer to complete any of the above tasks, you can hire one and they can complete these simple steps in no more than one hour. In fact, you can also hire them to create your robotstxt file, execute your file compression and create your meta tags, all of which they can complete as a reasonable small and inexpensive job.

Conclusion

These simple security measures will keep most cyberthugs out of your website. If you feel that your site might become the target of more experienced and determined hackers, your next course of action would be to hire a professional web security consultant. However, unless you’re a high profile organization with supersensitive and valuable data on your site, these measures alone will most likely solve your security concerns.

To gain access to the most up-to-date SEO strategies, fill out the form below to sign up for our newsletter. This newsletter will help you know what Google's up to as well as how you can get your website ranking higher without raising any red flags.



{"http://www.seositecheckup.com/articles/87":{"data":[]}}
Read Related Articles About SEO Programming Topics
  •  How External CSS Style Sheets and External Javascript Files Can Boost Your Rankings
    If you’re searching for some simple ways to increase your ranking with the search engines and provide visitors with a better user experience, external CSS style sheets and external JavaScript files might just be the answer you’re looking for. As search engine companies such as Yahoo, MSN and Google continue to consider page loading speed an important factor in determining the ranking of a website, the need to reduce load times becomes more and more important. This can be accomplished through file compression strategies such as GZIP and deflation and by optimizing graphics file sizes.
  •  How Using GZIP Compression Helps Your Site's SEO
    You might have heard some talk about how compressing your web pages helps with your site's SEO, but how does it help and how can you use it on your site? This article will provide you with some details on what file compression is and why it�s essential to the process of optimizing your site.
  •  How Page Caching Optimizes Your Site Performance
    Page caching is another method which can help you to improve the load time of your web pages and thus optimize your site for the search engines. Page load time can significantly impact your user experience and your site?s ability into convert visitors into buyers or into leads. In fact, experiments at Google have revealed that just a half second?s difference in load times can cause up to a 20% reduction in web traffic.
  •  Static Links vs. Dynamic Links: Which Are Best for SEO?
    Learn about the pros and cons behind static links and dynamic links, as well as which one is best for your SEO efforts.
  •  Correct Your URL Canonicalization
    Learn about URL Canonicalization, what it is, why it is important, and how to address this for your website.
  •  Some Guidelines for Determining Web Page and File Size
    Web page size is an important factor in determining how well optimized your site is. Search engines like MSN, Yahoo and Google are considering load time to be more and more important when it comes to both search engine optimization and PPC quality scores, and file size certainly effects your website’s load time.
  •  Why You Need A Sitemap Protocol As Part of Your SEO
    Learn about how powerful a Sitemap Protocol is in enhancing your website's search engine optimization.
  •  How to Focus Your Content and Site Structure for Maximum SERP Results
    What does the future of SEO hold? Will back links, fresh content or site structure be most important for ranking high in the search engine's? Find out what Google, MSN and Yahoo! have in mind...
  •  SEO for Wordpress: Optimizing Your Blog With Wordpress Plug ins
    A simple step by step game plan for boosting the SEO of your Wordpress blog, optimizing traffic flow and increasing visitor interactions.
  •  The Importance of Avoiding the Use of Nested Tables
    Learn about why you should avoid utilizing nested tables in your web pages from both SEO and browsing perspectives.
  •  The Importance of a Robots.txt File for Your SEO
    Your Robots.txt file is what tells the search engines which pages to access and index on your website on which pages not to. For example, if you specify in your Robots.txt file that you don't want the search engines to be able to access your thank you page...
  •  Understanding Javascript Redirects
    Learn how javascript redirects work, when they are used, and better alternatives for redirecting users.
  •  Finding a Good Ecommerce System for Your Site
    Learn exactly what you need to know to find the perfect e-commerce system for selling products and services from your website or blog...

All Categories:

RSS/XML Feed RSS
Article Categories
Most Recent
Most Popular
Basic SEO
Online Marketing Tips
On Page SEO
Off Page SEO
Social Media Marketing
Seo Product Reviews
SEO News
SEO Content Creation
SEO Programming Topics
How to Avoid SEO Pitfalls
SEO Outsourcing
How to Get More Traffic
Advanced SEO Strategies