is your site secure basic site security checklist
TRANSCRIPT
Is Your Site Secure? Basic Site Security Checklist
Its never a good experience to find out that server or sites on the server is compromised because of security vulnerability. A server or site can be hacked for a number of reasons but here is a checklist to check against server and site to give a confidence that have done the bare minimum to secure your hosting and website files.
Is Your Site Secure? Basic Site Security Checklist
MetaKave.com
Is Your Site Secure? Basic Site Security Checklist
• Remove malicious files and/or files you are not familiar with
• Update all scripts/applications to the newest ve
rsions available
• Update all plugins to the newest versions available
MetaKave.com
Is Your Site Secure? Basic Site Security Checklist
• Change passwords on accounts or delete unused ones
• Delete any databases/applications from your account that are no longer in use
• Fix dangerously writeable permissions Hide your configuration files
• Tweak your php.ini fileMetaKave.com
Is Your Site Secure? Basic Site Security Checklist
• Connect to your account using a secure network
• Make sure your local computer is secure
• Anti-Virus Applications
MetaKave.com
Remove Malicious File
MetaKave.com
• It is important to watch for files or directories that may sound suspicious such as ‘wellsfargo’ or ‘abbybank’
Update All Scripts/Application to the Newest Version Available
MetaKave.com
•Old security holes are updated and remedied in new versions of software
• If installed these applications using MOJO Marketplace, automatic updates are available by clicking the ‘Upgrade’ button
•The main Fantastico screen will show a link on the right-hand side of the screen with the available versions can upgrade to
Update All Scripts/Application to the Newest Version Available
MetaKave.com
•Go to the script’s official site and subscribe to their updates list or security announcements list/feed
•Applications have been updated doesn’t mean the plugins use have been also
•Popular plugins for WordPress, Joomla, Drupal, etc are created for specific application versions
Update all plugins to the newest versions available
MetaKave.com
•When updating applications, make sure the plugins using are also certified to work with the newest version of your software.
•Go to each plugin’s official site and subscribe to their updates list or security announcements list/feed.
Change passwords on Account or Delete Unused Ones
MetaKave.com
• In case a hacker got one of passwords, change them all
Change passwords on Account or Delete Unused Ones
MetaKave.com
• In cPanel, click Update Password to change cPanel password
•Update the password(s) for your FTP Accounts. In FTP Accounts click “Change Password” if still use the account or “Delete” if the account is no longer being used
• If website has an administrative section or pages change it’s password(s) also
MetaKave.com
Delete Any Database/Applications from Accounts that are No Longer In Use•Each databases/application have installed on
account is another possible point of entry for attackers
• By removing applications/databases that are no longer used,will be eliminating the potential for those outdated scripts to be exploited
MetaKave.com
• Most website files should be set at 644, and folders should be set to 755
This can be adjusted in an FTP client or by manually changing it in the Control Panel File Manager by-
• Selecting the file
• Clicking on the icon at the top of the screen that says, ‘Change Permissions’
Fix Dangerously writeable Permissions
MetaKave.com
• Moving config.php and other files containing passwords to a secure directory outside of the ‘public_html’ folder will make them inaccessible to general web surfing
Hide Configuration File
MetaKave.com
•The ‘php.ini’ file on account is file that adjusts how PHP behaves on account
•By adjusting the properties of this file,can greatly increase aspects of security
• This file is generally located in ‘public_html’ directory •If unable to see this file,it may need to manually generate one.
Tweak php.ini File
MetaKave.com
•Manually generate one by logging into Control Panel and clicking the ‘PHP Config’ icon located in the section called ‘Software/Services’
Tweak php.ini File
MetaKave.com
•Click the button that says, ‘Install Master PHP.ini File’
•This will install a file in your ‘public_html’ directory called ‘php.ini.default’
•To make this file active,then need to rename it to ‘php.ini’
•Tweak 1 – Set ‘register_globals’ to Off• Tweak 2 – Set ‘display_error’ to Off
Tweak php.ini File
MetaKave.com
•Make sure the wireless network is using a method of security such as WPA or WEP encryption
Connect Account Using A Secure Network
• One of the biggest security holes in Internet site security is accessing site from an insecure computer
• Viruses, malware and keyloggers can be installed on computer covertly
• It can be used to obtain username/password credentials or to infect website files themselves
MetaKave.com
Make Sure Local Computer is Secure
• Practice good at-home computer security by regularly running a reliable anti-virus/spyware scanner.
MetaKave.com
Make Sure Local Computer is Secure
MetaKave.com
Anti Virus Application•Here are a few high-quality, free applications that
can help you maintain a safe, healthy computer.
Windows•PC Tools Anti-Virus•Ad-Aware Anti-Malware•ClamWin•Malwarebytes Anti-Malware
MetaKave.com
Anti Virus Application•Here are a few high-quality, free applications that
can help you maintain a safe, healthy computer.
Windows•PC Tools Anti-Virus•Ad-Aware Anti-Malware•ClamWin•Malwarebytes Anti-Malware
MetaKave.com
Anti Virus ApplicationMac•PC Tools iAntiVirus •ClamXa
Linux Based•avast! Linux Home Edition•ClamAV
•If you need free consultation for SEO, feel free to contact us
•Our Email is: [email protected]
•Get Free Consultation Today
•Visit us at http://metakave.com
Get Free Quote
MetaKave.com
CommunicationSadiq M. AlamFounder & Head of Ideas
Call: (+880) 017110 56474, (+880) 09611 699 014Email: [email protected]: sadiq.alam
MetaKave Dev HQApt 12B2, Al-Baraka Tower 252 Elephant Road, Dhaka-1205, Bangladesh