Knowledge Base

Website protection

To avoid your website being hacked, you should follow these recommendations:

  • Keep up with updates of your CMS platform and its plugins (relevant information can be found on its official website) and always make sure you have the latest versions installed.
  • Use only official themes and plugins offered by your CMS. Nulled versions of paid scripts are extremely likely to be infected.
  • Use strong passwords, which contain at least 8 characters: numbers, uppercase and lowercase letters. Weak passes are very easy to crack.
  • Make sure you have antivirus software installed on your computer and it is always up-to-date.
  • Use only current version of your browser.
  • Do not store your passwords in FTP Client as viruses often attack FTP Clients.
  • Establish correct rights for your website catalogs and files. Try not to use ‘777’ rights as these attributes grant any user full access (read, write and execute) to catalogs and files of your account. ‘777’ rights should be used only if they are essentially important.
  • You can deny all requests to the xmlrpc.php file, using the following .htaccess rules:
    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>

If you found out that your website has been infected or you were notified about a malicious software detected in your account, do the following:

  1. Check if there are any viruses detected on your computer. Delete the malicious software. You can restore your website using its backup copy if necessary.
  2. Update your CMS, all plugins and extensions to the latest stable version.
  3. Update passwords to your hosting account and database user, FTP passes to all additional accounts and your website admin pass.

The most frequent causes for a website to be infected are: Your website might become a hacking target

  • Vulnerabilities of CMS platform you use;
  • Vulnerabilities of your CMS extensions (plugins, themes and modules) you have installed;
  • Viruses that come from your computer.

As a rule, attackers hack wesites in auto-run mode with the help of software developed for these purposes. Once your website is hacked, it has a malicious code in its files, that is why it is important to keep your CMS platform and all your plugins updated.

On server end AliDropship hosting provides complete protection of your website, it is kept safe even if some other client on server is infected.

Did you find this article helpful?
Contact Us

Have any questions or need to get more information about the product? Either way, you’re in the right spot.

 +1 323-7395659
 AliDropship