How to prevent website hackers?

Parth

Member
Let me state right away that I realize it's impossible to bulletproof your website from potential threats. But lately, hackers are getting in because the companies' website development failed to implement basic safety measures and correct the bugs that allowed the breach. The most recent example is T-mobile where all the hacker needed was user's phone number and T-mobile should have found the bug by monitoring for abuse. Another more critical example is Experian who knew about the issue, but allowed it to go on and on.

Bugs are bound to happen and hackers are going to hack. What are the best practices that website developers and owners should implement?
 

marsh

Active Member
In every sense, I think T-mobile erred in not securing user's data. How much have/did they incur in law suits? I would think that in this case, the bug would have been noticed and prevented, even before everything went too far. As an internet user, I ensure that I use complex passwords that neither capture my age, date and year of birth and so on and so forth.
 

Foroux

Member
I'm not a website developer exactly, but I take care of two WordPress blogs that are hosted elsewhere. Both have the SSL certificate. I keep WordPress, my themes, and all plugins updated. I locked down my login page and use two factor authentication (which annoys me to no end) plus I keep everything backed up religiously just in case something goes wrong. The hosting company backs everything up as well. I'm sure there's something I'm forgetting, but that's the gist of it. I don't have a shopping cart which I thought helped, but then I've seen others here have fended off hacking attempts even though they don't have a shopping cart either. I'm guessing those owners have more popular sites.
 

Swisslist

Member
Given the examples that you gave here, companies need to start with one thing: They need to care about their customers. That obviously wasn't the case with either of those companies..
 

Abhijit

Member
I'm not a website developer exactly, but I take care of two WordPress blogs that are hosted elsewhere. Both have the SSL certificate. I keep WordPress, my themes, and all plugins updated. I locked down my login page and use two factor authentication (which annoys me to no end) plus I keep everything backed up religiously just in case something goes wrong. The hosting company backs everything up as well. I'm sure there's something I'm forgetting, but that's the gist of it. I don't have a shopping cart which I thought helped, but then I've seen others here have fended off hacking attempts even though they don't have a shopping cart either. I'm guessing those owners have more popular sites.
I believe that you are going about protection in a good way. You can only do what you can do to keep hackers from getting into your site and causing problems. SSL certificates are the first step, keeping things updated and two-factor authentication all will help. No one is immune!
 

Parth

Member
Given the examples that you gave here, companies need to start with one thing: They need to care about their customers. That obviously wasn't the case with either of those companies..
That is an amazing point! I think you're right. They really just don't care. Although, I think T-Mobile immediately jumped in to fix things and alert their customers, whereas, Experian's leaders chose to sell their stock and keep quiet. Both hacks occurred due to sloppiness though.
 
Thread starter Similar threads Forum Replies Date
Prashant Sharan Companies prevent people from buying COVID-19 domains to stop money wastage Resources 0
domainking131 Prevent Your Domain Names From Getting Stolen Resources 1
domainking131 Will .Film Prevent Squatting from Unofficial Third Parties New GTLDs 0
Prashant Sharan White nationalists' website gets kicked out by Web.com ; Can Epik be the new registar ? Registrars 0
Prashant Sharan Political New Website , SourcePolitics.com ,sells on Flippa marketplace for $50,000 Non-Indian Domains 0
Prashant Sharan Vermont.com wants exit with sale of website on Flippa Non-Indian Domains 0
Prashant Sharan WIX: Covid-19's effect on website creation Registrars 0
D Advertise on a free data entry website, ranked #1 in bing For Sale / Advertising 0
Prashant Sharan Websites using .ZA ccTLD required to link to SA Coronavirus website Registrars 0
Prashant Sharan Google helps in these uncertain times with its new CoronaVirus website and expanded COVID19 search Registrars 0
Prashant Sharan ILove.Gay is the first .Gay website New GTLDs 0
J App Based CMS for Creating Website Webmaster Forum 0
Prashant Sharan Misleading website created about .ORG sale Non-Indian Domains 0
Prashant Sharan How to build a great single-page website for your small business Resources 0
H The Power of Prior Knowledge - Twister social media website - @Gold username for sale Webmaster Forum 1
Prashant Sharan Porsche tries to take down escort’s website Legal Issues and Dispute 0
Prashant Sharan This ad sends people to Google instead of the advertiser’s website Registrars 0
Prashant Sharan Beware of a new fake android app called “GoDaddy Dashboard : Website, Domain Name, Email” Resources 0
J Best CMS for website design nowadays Webmaster Forum 0
F Website dopick.com for sale External Auctions 0
F Website dopick.com for sale External Auctions 0
Prashant Sharan ESPN does away with “ESPN Slaughter” website Non-Indian Domains 0
F Website DoPick.com For Sale Websites 0
Prashant Sharan Company reportedly owned by Pharma bro doesn't have a company website Non-Indian Domains 0
maurya Turnkey website Gentsforum.com for sale! Websites 0
fpforum VB.Net Programming, PHP/MySQL Website Development Services Available For Sale / Advertising 0
Prashant Sharan BrettKavanaugh.com Becomes Sexual Assault Advocacy Website Non-Indian Domains 0
D Advertise, get backlinks on a promotional website, DA 40, TF 10, Alexa rank For Sale / Advertising 3
D How to advertise/market a website for dropshipping plants? Marketing Your Website 0
Aubits SuiDhaaga.co.in (New Bollywood Movie - Promoting their website) General Indian Domain Name Discussion 0
CyberKing IndiaCode - One website for all Indian Acts and Laws Indian Websites and Start-ups 0
D Increase MOZ DA, Majestic Trust Factor for any domain, website For Sale / Advertising 0
Santosh M want to sell my www.socialnaka.com website For Sale 0
JulienJ Sex cam website owner nailed for reverse domain name hijacking Legal Issues and Dispute 0
CyberKing BCCI Website Goes Offline After Board Doesn't Renew Domain in Time The Lounge 0
domainking131 Futura Domains Launches New Domain Name Auction Website The Lounge 0
domainking131 Neustar moves its website from Neustar.biz to Home.Neustar New GTLDs 0
domainking131 How to Add Google Analytics to Your WordPress Website Webmaster Forum 1
domain investor Expatriate.life Domain - Ideal for Developing as Website External Auctions 1
domainking131 Bigfoot says it was swindled in celebrity website purchase Legal Issues and Dispute 0
domainking131 Google Just Made SSL Certificates A Must Have For Your Business Website Websites 10
Raman How to add schema markup for local business listing website Webmaster Forum 1
tulip Videos on your website Websites 9
ritchie Redesigning your website Websites 1
domainking131 New GoDaddy phishing email and website using a domain registered at GoDaddy! Registrars 1
Raman SEO Audit for a website Webmaster Forum 1
D qna(.)in, LLL.in for question and answers website For Sale 0
dibon Popularizing your website Websites 2
ritchie Website's long-term value Business and Economy 2
Saki Website Music Websites 4
Similar threads


















































whois



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
26,352
Messages
73,206
Members
7,606
Latest member
adroitdomains
Top Bottom