Sign up to save your podcasts
Or
Share How To Secure Your Web Hosting Account
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How To Secure Your Web Hosting Account
5 Ways To Secure Your Web Hosting Account
Hello, I’m Carlos Quintero owner of a Full Service Media & Marketing company called MediaOnQ.
One of our areas of expertise is website design and development.
So today, we’ll be discussing how to secure your web server as consumers not as network engineers.
We’ll be covering 5 key areas that impact our website’s security.
Our company website or websites the face of our business on the World Wide Web.
Sometimes selecting a business hosting provider can be time-consuming but taking the time to find reliable business hosting is absolutely worth it.
Because once your website is up and you start adding content to it, it becomes a valuable business asset.
And for sure, an asset that is worth defending against malicious attacks.
Here are 5 easy and practical ways to keep your hosting account secure as you continue to grow your website.
Keep All Software Updated
Most small business owners use software like WordPress or Drupal to publish their web content and manage their website. Or if they have an online store they might use an application like osCommerce or Magneto.
Overtime, these applications and scripts are updated and revised by their development teams.
Most often these revisions offer vital protection against bugs and security vulnerabilities.
Keeping your software up to date takes minutes. Where as repairing a hacked website could take days or weeks and in some extreme cases you make end up losing everything.
Of course this all depends on the severity of the attack.
So what can we do to keep all of our software updated?
Here are three action items for you.
First: Install security patches and updates as soon as they are made available. This will help keep your data secure and ensure that your website isn’t compromised by hackers.
Second: Make it a habit to regularly check your plugins and add-ons for updates and install those too.
Third: Always back up your databases before installing new updates - just in case something goes wrong.
You don’t want the headaches involved with not having a backup of your databases...that can be a topic for a future podcast.
Cleanup Your Accounts
When you first set up your web hosting account you probably will need to create multiple login accounts for things like FTP, email and database access.
Over time as you are exposed to what is possible your needs will probably change.
Some of these changes may cause for some of the original accounts to become redundant.
Or maybe there was someone on your staff who needed access for something specific and is no longer there.
Or maybe you worked with freelancers at some point and don’t anymore.
Leaving their login credentials in place as in not removing them would then leave their login details in limbo and that’s something you’ll want to avoid.
So here are three useful suggestions to help cleanup your accounts.
First - regularly review all of the user permissions and accounts in your web hosting control panel.
Second - remove any users that are redundant to reduce the risk of someone hacking into your hosting account, or misusing a login that has been long forgotten.
Third - remove any generic accounts that are no longer required.
Lockdown Private Files
It is inevitable. Not all files that are uploaded to your web server will be intended for public access.
You may upload project ideas, contracts or even test data.
Some people continue to use their web server as a storage hub for archived material or as a way to share documents.
Solutions like Google Docs or DropBox are a better option in my opinion but I still have clients who have not made that switch.
So the risk there is that as time passes, you may not remember what you’ve uploaded and that could present a security problem.
Web servers are intended to be accessible right, so safeguarding sensitive information is a must.
So here are my three suggestions to help you lockdown private files.
Fist - use the tools in your host’s control panel to lock down access to files and directories that should be private and periodically review security on any sensitive data.
Second - whenever possible use password protection settings on your sensitive directories.
Third And this is one that you will want to think about before you try it - set rules via htaccess files, but make sure that you are comfortable writing the syntax because a poorly-written line in the htaccess file can cause extensive problems with your website.
Practice Good Password Etiquette
You have been given one username and password for your control panel, one for your database or databases and another for your email accounts as well as another for your FTP account.
As tempting as it may be to use the same password for all of these - don’t do it.
Why?
Because if a hacker got a hold of your password he or she could wreak havoc on ever part of your web server.
So here are my three suggestions to help you practice good password etiquette.
First - set all of your passwords individually and use a mix of uppercase letters, lowercase letters, special characters and numbers.
Second - if you store or save your passwords on your computer, use a secure password vault from a reputable vendor.
Third - change your password every other month and make sure not to recycle passwords in other words don’t use a password more than once.
Backup Your Files Regularly
No matter how hard you work at keeping your web server secure and your website safe...there may be a time when the worst can happen.
Hackers may find a way in to your website and web server even if you are vigilant.
The damage they cause can take days or even weeks to fix.
There are some hosting companies that offer backup services as part of their standard package.
Most offer backup services as an added feature which means extra paid feature.
If you’re not sure if your hosting provider offers this service as a stand alone or included offering I’d suggest you contact them and ask.
Or you can check their website and see if the service is included.
Or you might check some web hosting review sites to find out how they stack up agains others.
The point I’m trying to make is don’t assume...find out.
So here are my three suggestions to help ensure that you backup your files regularly.
First - find out if your web host offers backup services. Find out how easy they are to access should you need them and find out if you have to pay to retrieve lost files.
Second - if your host doesn’t offer backup services then you need to get into the habit of backing up your files, folders and databases regularly.
Third - Don’t forget to backup email mailboxes.
We all know that creating and developing a website requires a significant investment of time and resources.
But going through the process is not an option if we want to compete in today’s web economy.
So it makes sense to ensure that your investment is protected.
So keep these 5 points in mind as you work toward securing your web hosting account.
Keep All Software Up To Date
Cleanup Your Accounts
Lockdown Private Files
Practice Good Password Etiquette
Backup Your Files Regularly
Although it isn’t possible to completely protect against every possible attack or mishap, thinking ahead and securing your hosting account will help to ensure you are in the best possible position if the worst happens.
If you need help implementing any of my suggestions I am here to help, you can email me at [email protected].
I hope that you found this information useful.
If you did please subscribe on iTunes, leave us a review and share it with a friend.
If you’d like additional information about our web design and development services please visit mediaonq.com
View all episodes
By Carlos Quintero5 Ways To Secure Your Web Hosting Account
Hello, I’m Carlos Quintero owner of a Full Service Media & Marketing company called MediaOnQ.
One of our areas of expertise is website design and development.
So today, we’ll be discussing how to secure your web server as consumers not as network engineers.
We’ll be covering 5 key areas that impact our website’s security.
Our company website or websites the face of our business on the World Wide Web.
Sometimes selecting a business hosting provider can be time-consuming but taking the time to find reliable business hosting is absolutely worth it.
Because once your website is up and you start adding content to it, it becomes a valuable business asset.
And for sure, an asset that is worth defending against malicious attacks.
Here are 5 easy and practical ways to keep your hosting account secure as you continue to grow your website.
Keep All Software Updated
Most small business owners use software like WordPress or Drupal to publish their web content and manage their website. Or if they have an online store they might use an application like osCommerce or Magneto.
Overtime, these applications and scripts are updated and revised by their development teams.
Most often these revisions offer vital protection against bugs and security vulnerabilities.
Keeping your software up to date takes minutes. Where as repairing a hacked website could take days or weeks and in some extreme cases you make end up losing everything.
Of course this all depends on the severity of the attack.
So what can we do to keep all of our software updated?
Here are three action items for you.
First: Install security patches and updates as soon as they are made available. This will help keep your data secure and ensure that your website isn’t compromised by hackers.
Second: Make it a habit to regularly check your plugins and add-ons for updates and install those too.
Third: Always back up your databases before installing new updates - just in case something goes wrong.
You don’t want the headaches involved with not having a backup of your databases...that can be a topic for a future podcast.
Cleanup Your Accounts
When you first set up your web hosting account you probably will need to create multiple login accounts for things like FTP, email and database access.
Over time as you are exposed to what is possible your needs will probably change.
Some of these changes may cause for some of the original accounts to become redundant.
Or maybe there was someone on your staff who needed access for something specific and is no longer there.
Or maybe you worked with freelancers at some point and don’t anymore.
Leaving their login credentials in place as in not removing them would then leave their login details in limbo and that’s something you’ll want to avoid.
So here are three useful suggestions to help cleanup your accounts.
First - regularly review all of the user permissions and accounts in your web hosting control panel.
Second - remove any users that are redundant to reduce the risk of someone hacking into your hosting account, or misusing a login that has been long forgotten.
Third - remove any generic accounts that are no longer required.
Lockdown Private Files
It is inevitable. Not all files that are uploaded to your web server will be intended for public access.
You may upload project ideas, contracts or even test data.
Some people continue to use their web server as a storage hub for archived material or as a way to share documents.
Solutions like Google Docs or DropBox are a better option in my opinion but I still have clients who have not made that switch.
So the risk there is that as time passes, you may not remember what you’ve uploaded and that could present a security problem.
Web servers are intended to be accessible right, so safeguarding sensitive information is a must.
So here are my three suggestions to help you lockdown private files.
Fist - use the tools in your host’s control panel to lock down access to files and directories that should be private and periodically review security on any sensitive data.
Second - whenever possible use password protection settings on your sensitive directories.
Third And this is one that you will want to think about before you try it - set rules via htaccess files, but make sure that you are comfortable writing the syntax because a poorly-written line in the htaccess file can cause extensive problems with your website.
Practice Good Password Etiquette
You have been given one username and password for your control panel, one for your database or databases and another for your email accounts as well as another for your FTP account.
As tempting as it may be to use the same password for all of these - don’t do it.
Why?
Because if a hacker got a hold of your password he or she could wreak havoc on ever part of your web server.
So here are my three suggestions to help you practice good password etiquette.
First - set all of your passwords individually and use a mix of uppercase letters, lowercase letters, special characters and numbers.
Second - if you store or save your passwords on your computer, use a secure password vault from a reputable vendor.
Third - change your password every other month and make sure not to recycle passwords in other words don’t use a password more than once.
Backup Your Files Regularly
No matter how hard you work at keeping your web server secure and your website safe...there may be a time when the worst can happen.
Hackers may find a way in to your website and web server even if you are vigilant.
The damage they cause can take days or even weeks to fix.
There are some hosting companies that offer backup services as part of their standard package.
Most offer backup services as an added feature which means extra paid feature.
If you’re not sure if your hosting provider offers this service as a stand alone or included offering I’d suggest you contact them and ask.
Or you can check their website and see if the service is included.
Or you might check some web hosting review sites to find out how they stack up agains others.
The point I’m trying to make is don’t assume...find out.
So here are my three suggestions to help ensure that you backup your files regularly.
First - find out if your web host offers backup services. Find out how easy they are to access should you need them and find out if you have to pay to retrieve lost files.
Second - if your host doesn’t offer backup services then you need to get into the habit of backing up your files, folders and databases regularly.
Third - Don’t forget to backup email mailboxes.
We all know that creating and developing a website requires a significant investment of time and resources.
But going through the process is not an option if we want to compete in today’s web economy.
So it makes sense to ensure that your investment is protected.
So keep these 5 points in mind as you work toward securing your web hosting account.
Keep All Software Up To Date
Cleanup Your Accounts
Lockdown Private Files
Practice Good Password Etiquette
Backup Your Files Regularly
Although it isn’t possible to completely protect against every possible attack or mishap, thinking ahead and securing your hosting account will help to ensure you are in the best possible position if the worst happens.
If you need help implementing any of my suggestions I am here to help, you can email me at [email protected].
I hope that you found this information useful.
If you did please subscribe on iTunes, leave us a review and share it with a friend.
If you’d like additional information about our web design and development services please visit mediaonq.com