The world of the internet is a cruel and ruthless place. It’s filled to the brim with hackers, malware creators and malicious users. For any online business administrator that means they have to take very careful and measured steps to protect their site and credibility. This article will show you some simple steps which go a long way to keep your website safe from the dangers of the web.
- Block “libwww-perl” user agents: Typically most of the hacking attempts come from the “libwww-perl”user-agent. They mainly attempt to access the URLs of your site to upload malicious files and to inject malicious scripts and codes.
To block the “libwww-perl” user agent you have to add the following codes to your “.htaccess” file:
RewriteCond %{ HTTP_USER_AGENT} libwww [NC, OR]
In addition to blocking the “libwww-perl” user agents it also blocks the common “=http:” URLs used by malicious users attempting to install scripts to your site from another site.
RewriteCond %{ QUERY_STRING} ^ (.*) =http [NC]
RewriteRule^ (.*) $ – [F, L] - Disable directory browsing: Directory browsing is a very useful way to access the files inside your root directories, which are the CSS, HTML, and JS files uploaded to the server. But this feature can also be used to maliciously modify your files. So typically you will wish to disable directory browsing in all of your directories by following these steps:
- From your CNC panel click on “index manager” option.
- Click the directories on which you wish to disable browsing.
- Select the “no index” option and save your settings.
Double check whether directory browsing has been blocked by going to the directory URL(s) you blocked in your browser.
- Replace GET commands with POST commands: To make your site even more secure, ensure that your web programmer is using the POST command instead of the GET command. While both of them do the same work, the POST command is much more secure than its counterpart and is the recommended way to write scripts.
- Take care with 777 permissions: The file permissions 777(read/write/execute) makes a file readable, writeable and executable on your server. Thus if a malicious user modifies such a file then it can wreak havoc on your server and website and also your credibility and reputation can take a huge hit. For this reason do not change a file permission to 777. If a server side software or hardware requires you to change specific file(s) permission to 777 then ensure that you have thoroughly researched it on any major forums and search engines before proceeding to change the permissions.
The security measures given above will suffice to keep most cyber criminals and malicious users away from your website. However, if your website has become a sensitive and high profile organization, then you will need to hire the services of a professional internet security expert. But until that happens, these steps will prove to be more than enough for your site and security concerns.
This blog is provided to you by one of the well known Melbourne SEO services provider – Platinum SEO. Melbourne based SEO Services always tops the ratings from the clients, so join us!