Website Security

by brandon2664

Posted: 12 years ago 7 replies

INTERNET MARKETING

I was just threatend by email from an apparent "computer-expert". I have always thought about the security of my website, but have always put it off.

My website is on shared hosting. I don't keep any personal cutomer info in databases. I have an ssl installed for logging in and signing up.

Is there anything I could use to point out security flaws in my website?
Like mcaffee etc...

Thanks for the help.

#security #website

KimW

12 years ago

What threat did he make? Is he going to take your site down?
Why would he be threatening you in the first place? Do you know him?
Did he just pick you out of the blue? What kind of site do you have,is it a Word Press site?
These are just a few of the question that should be answred before people can give you relevant advice.

Thanks
2 replies

Signature

Read A Post.
Subscribe to a Newsletter
KimWinfrey.Com

{{ DiscussionBoard.errors[5934367].message }}

brandon2664 12 years ago

I don't use wordpress. Just html, css, jquery, and php.
I don't talk to anyone in my niche.

He didn't say he was gonna take my site down. He said he looked at my scripting and html forms. I think it was just someone trying to get a rise. I didn't answer them back and don't plan on it.
- Thanks
- 1 reply
{{ DiscussionBoard.errors[5934390].message }}
- mystockanalysis 12 years ago
  
  Do you have any of the following:
  
  #1 An "admin" section of your site that you log in to manage content or accounts?
  #2 Do you have any pages that allow you to upload any type of file to your server? Such as uploading images or really anything?
  #3 Any place you accept input from the user:
  - Signup forms
  - login forms
  - submit email forms
  - etc
  Any place a user can type something into an input box that you process on your site, do you escape the string before passing that info into a query on your database?
  #4 What method do you use to access your server, ftp, cpanel, ssh?
  
  If you do not have any of 1-3, then your likely fine. However, I would ensure you are using strong passwords (changed regularly) for your #4 answer. Ideally for #4 if your web host allows it, restrict login access ONLY to your IP address/range
  
  [ 1 ] Thanks
  
  1 reply
  
  {{ DiscussionBoard.errors[5934462].message }}
  
  brandon2664 12 years ago
  
  Yea I have sign up forms and login forms. No file uploads though.
  
  Thanks for the input guys
  
  Thanks
  
  {{ DiscussionBoard.errors[5934883].message }}

seogoa

12 years ago

Originally Posted by KimW

Thanks kim. Yes, we should check these things ourselves first.

Thanks
1 reply

Signature

-~-
Life is beautiful!
-~-

{{ DiscussionBoard.errors[5935140].message }}

simona86 12 years ago

Try installing the Better WP Security from the official WordPress plugin directory. It will harden your WordPress install and give you advice if anything else needs to be done.
- Thanks
{{ DiscussionBoard.errors[5977664].message }}

lotsofsnow 12 years ago

Every web site can be hacked.

It is just a question whether somebody will take the time to do it and if somebody would hack it, what could they get out of it.

If your site is not well known it is unlikely that somebody will hack it just for fun and if it is a plain html site with only ftp access the most likely weak point is your password.
- [ 1 ] Thanks
Signature

Call Center Fuel - High Volume Data
Delivering the highest quality leads in virtually all consumer verticals.
{{ DiscussionBoard.errors[5934529].message }}

Website Security

Trending Topics

How did you turn it all around?

Any thoughts on golf's latest phenom...Scottie Scheffler??

What's the Best IM-Related Skill to Learn Today That Can Help in the Future?

best high quality crypto traffic.

Some interesting stats about brand comms