Let’s face it: The Internet isn’t the golden playground it once was, where all could go and have their swing in peace. In fact, it’s now so overrun with bullies and miscreants that it’s a wonder we haven’t decided to swap school districts yet! That was a joke, but the idea remains the same. It’s a wild, wild world out there, and if you aren’t careful, your site may be a ripe melon just waiting to be cracked open.
However, there are steps you can take to safeguard your source of livelihood. First of all, simply admitting that you need to keep your server locked down is a good place to start. From there, it’s worth taking a look at the way you manage your site. If you’re doing any number of things wrong, you may be leaving your site exposed. With that in mind, take a look at the following common mistakes, any of which can drastically reduce the security of your site:
Is Your Password Strong?
Seriously, though, this is one we just can’t seem to convince people to consider. No matter how unique or quirky you may think your password is, if it’s a common phrase or word, it just ain’t strong enough to be your main horse. Most hackers use password-guessing software to get at your goods, but a lot of the time they don’t even have to go that far. Be sure your password is long and has a few capital letters and at least one number. A password like that has too many permutations for even a computer to guess, and if you take advantage of this, you’re already close to home, as far as server security goes.
Keep To Your Roots!
There’s no reason at all that you should constantly be logging in as the root user. No matter how powerful it may make you feel, you just shouldn’t be doing it, because leaving your account access open like that is like tacking a sign to your site that says, “Hack me, please!” Likewise, if your SSH accounts offer direct root access, you’ll want to change that immediately. Having that level of control just lying around is in no way healthy, and will very quickly compromise your site.
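An added example, not part of the original post: a small Python audit of sshd_config text for the direct root access described above. It relies on two documented OpenSSH behaviours: for each keyword the first value obtained is the one used, and PermitRootLogin defaults to prohibit-password when it is never set. The sample config and the function names are constructed for illustration.

```python
import re

DEFAULT = "prohibit-password"  # OpenSSH default when the keyword is never set
LINE = re.compile(r"^(\w+)(?:\s*=\s*|\s+)(.*)$")  # "Keyword value" or "Keyword=value"

# Constructed sample, not taken from a real server.
SAMPLE_CONFIG = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
# Appended later by an admin; ignored because the first value wins.
permitrootlogin no
Match Address 10.0.0.0/8
    PermitRootLogin prohibit-password
"""

def root_login_settings(config_text):
    """Return (global_value, [(match_criteria, value), ...]). Include is not followed."""
    global_value, match_values = None, []
    current_match, seen_in_match = None, False
    for raw in config_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # blank line, comment, or keyword without a value
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if keyword == "match":
            current_match, seen_in_match = value, False
        elif keyword == "permitrootlogin":
            if current_match is None:
                if global_value is None:  # first obtained value is the effective one
                    global_value = value.lower()
            elif not seen_in_match:
                match_values.append((current_match, value.lower()))
                seen_in_match = True
    return global_value or DEFAULT, match_values

def findings(config_text):
    """List every scope where root can still log in directly over SSH."""
    global_value, match_values = root_login_settings(config_text)
    scopes = [("global", global_value)] + [("Match " + c, v) for c, v in match_values]
    return [(scope, value) for scope, value in scopes if value != "no"]

if __name__ == "__main__":
    for scope, value in findings(SAMPLE_CONFIG):
        print(f"{scope}: PermitRootLogin {value}")
```

On the sample, the later `permitrootlogin no` line has no effect, so the audit still reports the global setting as `yes`; the fix is to edit the first occurrence rather than append a new one.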
Know Your Traffic
Lastly, don’t be oblivious to your traffic, and learn to watch your site’s flow. Know who your traffic usually comes from and where, and be aware of any sudden changes in this pattern. If you see a new user from a suspicious location, be on your toes. The best defense is to keep your eyes open!