Website Security Improvement

The first thing we do when you submit your website for security optimization is to scan all of its files to detect any signs of hacking. If anything is found, we examine possible ways to restore it and inform you. If nothing is found, we proceed to the next steps.

We check whether the extensions used on the page have any history of vulnerability and examine whether they need to be upgraded to the latest version (if it has been fixed) or whether they need to be removed and replaced with another equivalent one.

As all administrators know, the permissions of the files and folders that make up your website are the first line of defense against would-be hackers. It is therefore essential that they are correctly set to 755 for folders and 644 for files. This provides the first level of security we desire.

By adding a firewall, we greatly increase the security of your website and protect you from most potential risks:

• IP Blacklist and Whitelist: Traffic to your website is monitored 24/7, and IP addresses that frequently attempt to breach your website are automatically placed on a Blacklist, prohibiting access to your website. Conversely, if you use specific IP addresses to manage your website, we can place these addresses on a Whitelist so that only they have access to manage your page.
• Blocking SQL injections: SQL injections are a method of attacking your database by inserting malicious SQL code. Your firewall protects you from such attacks, which are among the top 10 most frequent cyber attacks.
• Anti-Spam: A hidden field is added to every registration or contact form, which is not visible to the naked eye, but only in the code. This way, when a robot tries to fill out the form, it will also fill out this field, which will indicate that it is not a human but a bot, and it will be blocked by the firewall. Also, if requested, we create a list of “bad” words that usually accompany spam, such as pharmaceutical terminology, etc., and whenever one of these is detected, it is automatically blocked.
• Upload Scanner: Every file that attempts to be uploaded is checked by the firewall. If it contains even a single line of PHP code, it is blocked.

Project Honeypot is a collaborative effort to collect data on spammers and rank them on a risk list according to their activity. So, when someone has accumulated enough “points” for bad behavior, they are automatically blocked from all websites participating in the Honeypot project. In this way, we block bad users before they even have a chance to misbehave on your website.

In addition to increasing speed, a proper CDN also provides increased security for your website. We provide you with a free CDN (Content Delivery Network) through which you will gain basic code optimization, an extra caching feature for faster speeds, and the use of the CDN firewall as an extra protection filter between your website and visitors.

If, despite the above, you still have problems with spamming bots, we install Google’s reCAPTCHA application. This means that every contact form, registration form, comment form, etc. will display a test that the user must answer or complete correctly in order to proceed.

The generator meta tag is the information contained in your website’s source code and shows which tool was used to build the website, e.g. Joomla! or WordPress. All large and popular platforms, such as the two mentioned above, are often targeted by hackers who happen to have identified a weakness in the platform and send their robots to find potential victims! So, by hiding or falsifying this information, we confuse the robots that scan your page looking for weaknesses and prevent them from launching their targeted attack.

Firstidea collaborates with Siteground to provide you with excellent hosting services that will relieve you of any worries and improve your website’s security and speed. Read more here: Website Hosting Services.