5 Tips for a Virus Friendly Website
Fewer tools exist to protect your website from viruses than your computer, and while it’s less likely that a page or script on your site will become infected, the consequences can be more devastating than a virus that you can quarantine on your computer. Removing an infected file is difficult, and Google can add your site to a blacklist and serve warnings to visitors, which damages your brand and relationships with consumers. Prevention is the best strategy when it comes to website malware, so avoid these common mistakes.
1. Outdated Scripts
Whether you hold off on updating your CMS or forget to download new plug-ins when they become available, you’re inviting hackers and viruses to invade your site. The older a script is, the most time hackers have to find the vulnerabilities. Even though it can get annoying to constantly install updates, it’s worth it for the security of your website. Add those updates as soon as possible and replace plug-ins once it becomes obvious that the developers are no longer providing updates. Fortunately, developers of scripts like Joomla and WordPress provide frequent updates for security issues, and it doesn’t take much to upgrade your installation.
2. Lack of Anti-Virus Protection on Your Computer
Although it’s not as likely that you’ll upload an infected file to your website as it is that someone else will upload one, it’s possible. Keep anti-virus software on your computer and scan files you download to make sure that you don’t upload a file with a virus. When this happens, visitors might not be able to browse your site, or it could wind up on blacklists.
3. Uploaded Files
You might have a reason to allow users to upload files to your website, but you should enact a system that requires approval or scans files before posting images, scripts or other content to your website. This protects your visitors from downloading malicious content that others may have added. Because hackers may use robots to attack your website, anti-spam measures such as CAPCHAs in your forms may help, too.
4. Phishing Schemes
You might typically think of phishing as something that occurs when people are aiming to access your bank account, but the same scheme can grant a hacker access to your website. Access your control panels directly from your browser. Don’t click links to control panels or to change your information, especially in suspicious emails that do not come from an email address that you know is associated with your host. Never reply to emails with your username and password. Once you type your username and password into a phishing website, hackers can easily gain access to your files, user data and settings.
5. Weak FTP and Control Panel Passwords
Passwords are literally the keys to our most sensitive data, and your website is no exception. Use different passwords for your control panel, CMS dashboard and FTP users, otherwise intruders can use the same password to gain more access. Pick complex passwords and change them frequently.
This article was submitted by Calvin Alston, a blogger for InternetServiceProvider.net. He enjoys writing about computer programming and repair.