Hosting Security and Technology

Started by Bakish, Jul 27, 2022, 10:54 PM

Previous topic - Next topic

BakishTopic starter

Use the correct permissions for directories and site files: the standard permissions are "644" for files and "755" for directories. They are enough for the site scripts to work correctly. Do not use the "777" rights. Such attributes are a potential vulnerability, they provide ample opportunities for malware.

Always use the latest version of CMS, themes and plugins. Install updates in a timely manner — developers close vulnerabilities in them, which increases the security of the site.

Plugins and themes need to be installed only from official sources. Malicious inserts are often found in "hаcked" versions.

Use an SSL certificate for the site and configure redirection of all HTTP requests to HTTPS.


In order to protect your site from hаcking, you should follow a few simple tips:

Do not store access credentials anywhere.
Set the correct permissions for directories and files. The rights to files are 644 to folders 755.
Use the latest versions of CMS and plugins, it is advisable to subscribe to a mailing list or RSS informing about the release of security updates.
Always use long complex passwords and non-standard logins, periodically change them.
Use antivirus software and regularly update antivirus databases.
Install operating system updates as they are released.
Do not use outdated browsers.
Do not upload unknown scripts to your hosting. Often, for example, there are viruses in hаcked (nulled) versions of paid scripts.
Do not follow unknown links in emails, social networks and Internet messengers (icq, jabber).
Do not save passwords in FTP clients - very often viruses take information from the FTP client.
Have local backups of websites.
If the site is already infected

You have the option to request the restoration of the site from a backup.
After restoring the site's functionality, change the password for accessing the FTP account and DBs.
After restoring the website from the backup, update the CMS to the current version, as well as update its add-ons.