Top 10 ways to secure your website from hackers and spammers

In today's world, a website is an essential and, sometimes, the most important component of any business, organization, community or group. Websites range from small sites owned by individuals to large enterprise domains and e-commerce platforms dealing with sensitive customer and commercial data.

Whatever be the size of a website, security is at the core of any online platform and webmasters need to ensure the safety and availability of their site at all times.

The following list details ten simple ways to secure any website from hackers and spammers:

1. File-system permissions on the host server.

A website may be developed in HTML, PHP, .Net, Java or any other web language but, irrespective of the design, all websites have application files deployed on the web server. It is our duty to ensure that all application files are readable and writable only by the owner of the file. All other users such as group owners and general public should only have read access to the application files. A Unix or Linux file system should have the permissions set to 644 for proper security. In case of a shared hosting service, connect with the hosting provider to ensure that proper file system permissions are in place.

2. SSL certificates.

Install SSL certificates on the web server. This will ensure that all data transferred to and from the website is encrypted and cannot be easily compromised by hackers. SSL certificates are not very expensive and adds credibility to a site. It is also said to improve search engine ranking.

3. Complex long-length password.

Ensure that all user and database passwords are at least 8 characters in length or more with a mix of alphanumeric characters and symbols. Alphabets should be used in both uppercase and lowercase format. Refrain from using personal information such as date of birth, address or phone number.

4. Minimize the use of plugins and theme add-on(s) in CMS platforms.

Most CMS platforms such as Wordpress and Joomla use themes, plugins and add-on(s) to enhance the functionality and look and feel of a website. It is recommended to minimize the use of plugins as much as possible. Plugins slow down a website and may also contain malicious code which may compromise your website's security features. It is advisable to download essential plugins from trusted and official sources only rather than from third-party sites. If possible, a review of the plugin code for external references can further aid your security checks.

5. Use Google ReCaptcha, Invisible Captcha or any other Captcha service.

This will minimize brute-force attacks for sign-up/login screens and minimize or eliminate spam email from contact forms.

6. Scrutinize freely available PHP/Javascript/Perl codes.

Adding new functionalities to a website and customizing its look is something we all desire. But we should maintain caution while copying snippets of code from the internet and deploying them on a live server, especially if it contains references to external Javascripts.

7. Configure the "robots.txt" file properly.

This will prevent search engines from indexing restricted or private folders containing credentials and other sensitive information.

8. Use the ".htaccess file" judiciously.

This may be used to enable a variety of security restrictions on a website. However, the changes must be reviewed by an expert or the hosting service provider so as not to hamper the normal functioning of the website.

9. Do not use common user names such as "admin" or "administrator".

Use something unique. For example "abc_master" or "abc_admusr" sounds a bit different.

10. For CMS sites such as Wordpress or Joomla, change the default login/admin url.

This can be achieved through custom code or by using a plugin and is a great way to stave off brute-force attacks.

The above listed techniques, although not fool-proof, should help to reduce hacking and spam attacks significantly on any website.

Plan

Everyone of us plans. Don't we ? We either plan to achieve something or we plan to be someone. But rather often, than not, our plans go haywire. But still we plan......we plan because we have to.....we plan because someone wants us to plan.....we plan because the supreme being has plans for each and everyone of us. Our plans keep us going...our plans keep us motivated, but finally, we always end up with what God has planned for us. We can, therefore, make only one plan......Plan To Be Surprised.

What is Platform as a Service (PaaS)?

Platform as a Service (PaaS) is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. PaaS can be delivered in three ways:

• As a public cloud service from a provider, where the consumer controls software deployment with minimal configuration options, and the provider provides the networks, servers, storage, operating system (OS), middleware (e.g. Java runtime, .NET runtime, integration, etc.), database and other services to host the consumer's application.
• As a private service (software or appliance) inside the firewall.
• As software deployed on a public infrastructure as a service.

Like IaaS, PaaS includes infrastructure (servers, storage and networking) and also middleware, development tools, business intelligence (BI) services, database management systems and more. PaaS is designed to support the complete web application life-cycle: building, testing, deploying, managing and updating. The advantages of PaaS are as follows:

• Cut coding time.
• Add development capabilities without adding staff.
• Develop for multiple platforms, including mobile, more easily.
• Use sophisticated tools affordably.
• Support geographically distributed development teams.
• Efficiently manage the application life-cycle.

How to drive traffic to a website, blog or online store?

A website, blog or online store (e-commerce) is a great way to establish online presence for a company, organization, community or individual. In today's ever changing business scenario, a website or blog serves as an online identity and promotes brand awareness and visibility. It also serves as a means to drive sales of products and services and generates revenue from advertisements and associated offerings. Hence, it is apt to classify a website or a blog as digital real estate.

However, creating a site or online platform is only the first step towards achieving the goal of brand promotion and revenue generation. The most important determining factor behind its success is online traffic. Unless a website/blog has incoming traffic or visitors, it will neither create brand awareness nor will it generate revenue from online sales and advertisements. In the absence of traffic, a website or blog tends to appear like an island lost in the ocean of millions of similar websites and blogs. A piece of digital real estate then becomes a liability instead of an asset.

But how do we drive more traffic to a site? That is the pertinent question.

There are a lot of articles floating around on the internet which try to address this fundamental question but all may not be relevant and appropriate. With the evolution of technology and computing techniques, many suggestions have been rendered useless and obsolete. In some cases, certain old techniques, such as inappropriate usage of keywords, may even prove detrimental.

This article highlights the most important guidelines for increasing traffic to any website. The suggestions are based on actual experience and have been prepared on the basis of feedback and expertise shared by numerous webmasters and site owners. 1. Write good Content and ensure Quality Control.

The first and foremost criteria for any successful website or blog is quality content. If one can produce content which is useful and helpful for the intended audience, there shall an automatic and natural surge in visitors to the website. However, one must ensure quality and accuracy of the content being shared.

2. Continuous Search Engine Optimization (SEO).

Search Engine Optimization or SEO is essential for driving and maintaining a steady flow of traffic to any website. However, one must understand that this is not a one-time activity but rather, an on-going process. Judicious use of keywords, human-readable permalink structure and appropriate use of tags, hyperlinks and headlines are some of the most common but important techniques. It must also be noted that any description or text used in the site must be written in natural language and keyword-stuffing must be strictly avoided.

3. Engage in Social Media Marketing.

Promote the site on popular social media platforms such as Facebook, Twitter, Instagram, Pinterest, Google+, Tumblr, etc. This increases visibility and widens the reach to the target audience. One may start with free promotions and then upgrade to paid promotions in future.

4. Paid promotions in Search Engines.

Advertising is a good idea, especially in Google, Facebook and Yahoo. Opt for a mix of Google AdWords, Facebook Ads and Yahoo advertisements.

5. Create Inbound and Outbound links.

The number of links or url(s) pointing to and from a website or blog impacts its search engine ranking. Try to post references to the site or blog from social media platforms and other blogs and websites. In the absence of inbound and outbound links, a website tends to act like an island in the middle of the ocean with no connectivity to the mainland.

6. Reach the target audience where they already are.

There are numerous blogs, community sites and social media platforms on the World Wide Web and people across the world are using them extensively for commerce, knowledge sharing or simply as a pastime. It is a good idea to engage with the intended audience and encourage them to use the intended site or blog. One may post references to articles and content published on the target site as a means to drive traffic to the new site.

The above guidelines are just a few suggestions drawn from experience and are intended to help entrepreneurs and newly launched sites increase online traffic and visitors.