The best way to keep your website Secure:
Top 100 Network Security Tools
- Use a Firewall to Shield Your Network - This is perhaps the single most important step you can take to protect yourself against hackers. If you don't know what a firewall is, or if you don't know how to select and configure one, find someone who does. Many administrators keep their companies' Web servers separate from the rest of the network to provide extra protection against break-ins.
- Require Good Passwords - As a rule, people shouldn't use dictionary words, names, or other personal data for their passwords — they're too easy for an intruder to guess.
- Limit Server Access - Only people who really need it should have access to the server. Even then, carefully control each user's level of access. And make sure you delete inactive users as quickly as possible.
- Turn off unused services on your Web server - Consider getting rid of FTP and any other services that might help an intruder break into your server. Also remove shells and interpreters you don't need and delete unnecessary directories. For example, if you don't run Perl-based CGI scripts, remove the Perl interpreter from your server.
- Check your system and Web logs for suspicious activity - Programs such as Tripwire for Unix systems and Internet Security Scanner for Windows NT can monitor your log files and alert you to any unusual behavior. Unusual log file activity might be the first — and only — warning that an intruder is trying to break into your system.
- Keep a complete backup of your Web site - And keep it on a separate, secure computer. If a vandal does manage to destroy or deface your Web site, you'll be able to get a backup version up and running more quickly.
Be very, very, very careful.
There is not much you can do except secure your files and change your passwords, and listen to the tips.
Edited by KonamiYoto, 29 July 2009 - 04:08 PM.