1. Software and Scripts Up to Date:
If for some reason you are running an old version of phpbb, or maybe an old vbulletin or even a simple script, make sure you upgrade them to the latest version. That may get your website hacked easily using methods like RFI or SQL injections.
2. Plugins, Add-ons and Modules:
Running a CMS websites like Joomla, Mambo, Datalife or maybe a forum like phpbb, SMF, vbulletin will think again before uploading/installing modules and plugins. The developers of those scripts take good care of their codes to keep it clean of exploits and bugs. The plug-ins developers most of the time don’t, they are the 70% cause of hacking those kinds of software
3. Protect Your Password:
If you run a very popular site then be careful. Some people may love you, some people may hate you. They could try to get into your FTP, cPanel, or hosting account. Some of them may even try to send you Keyloggers, Trojans and monitoring programs to get access to your websites. Be careful when accepting files, using instant messaging software like Yahoo, MSN, or AIM. Also always use the hardest password possible. For those VPS / Reseller / Dedicated Costumers is important to keep in mind that the root’s password for MySQL is also a big factor when talking about hacking, it’s always good not let it as default, this may cause you lose all your tables and rows.
4. Keep your Hosting Account and PC Clean:
Most people have lots of files they don’t even use on their hosting accounts and computers. On their hosting accounts, this may cause wrong indexation in search engines like Google, Yahoo, Msn, and Ask. They may start indexing old sites in forgotten folders, as personal files like pictures and more, it’s always good to keep your hosting account with only your website updated content.
5. Quality Before Quantity:
Use quality software for your site. Why use phpbb (greatly Coded), if you can buy a vBulletin License. If you’re already making a revenue from your site using advertising programs like Google AdSense, cpx Interactive and more, then think that you have to invert to win. The more you invert, the better chances you have to win, this may keep your site clean of hackers.
6. Don’t put all your eggs on the same basket:
If you have some time in the Web Business and have more than 2 sites then protect them. Did you know that if one of your websites gets hacked, all of the other websites in the same hosting account may get hacked too. Yes, Defaers can easily upload a shell to your FTP and get access to all your sites. You can easily prevent this by buying a Reseller Account or buying more than one Hosting Account, even if they offer you a lot of hosting storage and bandwidth.
7. Knowledge is Power:
Learn, read, and search. Nowadays with the use of great search engines, you can access a lot of information that may keep you safe and may even make you a Defacer or Hacker. Most of the Hackers have learned to use search engines and community forums. Underground community’s that provide them carding information, defacing information and a lot more. To Prevent them you got to think like them.
8. Check CHMOD, Permissions:
Most of the time while installing new scripts they ask you to CHMOD to 777, for some files, sometimes that may be fatal. When a Defacer comes into your site files it becomes easier to modify/edit/delete the files with 777, if you public_html folder has those permissions your basically done, and hacked. But if it doesn’t then he can only modify the ones with those permissions. It’s good to keep in mind so that when you finish the installation you bring back all the old permissions.