Your website connects to the world through ports. You can think of these as windows or doorways that allow your website to communicate with the rest of the Internet. You’ll typically have one port available for each web service that you offer. For example, you’ll have one for allowing people to view your website, one for sending and receiving email, one for FTP access, and a dozen others you may not even be aware of. These ports allow your data to flow freely to where you need it to go, but when left open and unprotected, these ports can also act as a tool for hackers to gain access to your data and take control of your website. It’s best to take a proactive approach to port security and deny access to any attempts to use these ports maliciously.
For example, depending on your needs, you can block entire series of IP addresses denying access to your website and web services. You can also block access from countries known to harbor some of the most pernicious internet attacks such as Russia, China, or Iran. As part of a general security overview, review your current port configurations and make the necessary changes so that good information can flow freely and bad code or hacking attempts are locked out. You can also implement a Fail2Ban program that blocks someone that makes more than three or four failed attempts to login into your platform.
When we think of hackers, we often picture some lone person in a dark basement ferociously typing away at a computer terminal that’s filled to the brim with glowing green lines of code. The truth is that hackers have become much more sophisticated over the years and now rely on robots to carry out most of their attacks. These so-called zombie computers are programmed for one single purpose - to find known vulnerabilities in your website and exploit them. This could mean taking control of your content of simply shutting your site down with a denial of service attack. There are tools to monitor traffic flowing to your website to find these attacks before they start, then use this information to build a so-called “BlackList” of computers that are suspected of suspicious activity and block them from being able to access your site. This allows you to have peace of mind that your site will remain up and running despite any attempts by these zombies to shut you down.
Most websites today run on a Content Management System, or CMS (WordPress is a very popular CMS). This allows for novice users to administer the system and easily change content such as blog posts etc. without needing to know a lot of HTML or code. However the ubiquity and flexibility that these systems offer also posses a few problems that need to be addressed in order to make sure that your website remains firmly under your control. Out of the box, all CMS’s will offer the most basic level of security - and that starts with your password.
Websites that are hosted on our server are required to utilize strong passwords that include both letters, numbers, and special characters. In addition to this base security, you can create different user roles within the CMS - this will allow you to, for instance, create a “Super User” or “Administrator” who has access to the entire website and can make changes to any page as needed. This role will ideally be limited to a select group of people who are technically highly proficient. In order to remain flexible and streamlined, you can create other roles for your content producers - you can give certain people access only to update your blog posts or change your homepage images. Always know which users have access to which parts of your site. This close monitoring will allow you to avoid accidental or bad-natured changes to your website and allow you to track down the culprit should anything go awry.
The very fact that CMS’s are the common platform on which most of today’s internet is built makes them a lucrative target for hackers. If a hacker finds an sensitive exploit in one version of a popular CMS then not only can they attack that site, but they can attack all other sites running on the same software. That’s why we monitor a CMS for security patches and upgrades and make recommendations on implementing these updates when necessary. These upgrades can generally be handled with no or very little downtime of your actual site and will provide you with the comfort of knowing that you always have the latest protection. We sometimes see a website’s “Comments” section used for penetration. Who knew? And how would you know?
So far we’ve talked about specific attacks against your website - being shut down, being hacked to run zombie code, or having hackers change the content on your site. There’s another reason to remain vigilant of your system and that’s your domain’s reputation. The reputation of your domain is a very valuable commodity and needs to be taken just as seriously as monitoring for a direct attack. If you have a website that has broken content, or is hosting malware, or is sending out spam this can affect your websites reputation in very adverse ways.
Your website will start getting marked as either a malicious website or a poorly designed one by large online content providers such as Google, Bing, Facebook, Gmail, etc. This will cause your messages to go into spam folders automatically and will decrease your ranking in search results. Even worse, visitors who try to access your site may be warned by their browser that your site is unsafe and be directed away from it.
This is why it is imperative to host your website on a secure server and have it protected by a trusted and reputable security expert who will not just monitor for straightforward web assaults but will also be on the lookout to protect your reputation across the web.