Get A Security Package For Your Website
Our advanced security package goes above and beyond the already great security which is implemented in all our website development projects. Go from great to superior and keep the hackers away from your website.
The security package covers 21 different points of entry that hackers are known to attempt. No website can claim to be 100% secure from hackers. The goal is to place as many barriers in front of the hackers as possible so that it’s easier for them to simply move on to another website which is easier to breach. It’s just like a thief who will test to see if there is an unlocked door or window in order to gain entry to a building. If not, they will often move on to another building, as it’s just too much effort to try and force their way in.
When it comes to websites, it’s important to ensure that you’re not using the same cookie cutter approach when it comes to how the site is structured. That’s where our security package comes in. It changes the underlying structure of your website to render most hacking programs useless. We change the folder structure which holds the website files. The database is also altered so that hacking programs can’t find potential points of entry. Additionally our security package software blocks known bad hosts from even accessing your website, as well as locking out access to the admin area during specific time periods.
To get our website security package, you must be a current client and have your website developed by us. The one-time cost to secure your website is just $195. Contact us today to start the process!
Here are the various aspects our security package covers for your website.
1) Enforce Strong Passwords For All Users
Any user which has login access to your website will be forced to use a strong password. This ensures that simple words taken straight from a dictionary will not be allowed.
2) Remove Sensitive Information From The Website Header
All websites display information regarding the technology used to build that site. This allows hackers to know what type of hacking software to use. We remove such information which makes it more difficult to figure out how the website is structured.
3) Hide Update Notifications From Non-Administrators
If visitors to your website can create an account which enables them to log into your site, we ensure they can’t see what updates are available.
4) Rename The Admin User
Usually website administrators use the default user name “admin”. Hackers then only have to figure out the password, not both the user name and password. This makes the login process much less secure. Our security package includes the renaming of any admin accounts.
5) Remove The User ID 1 From The Database
Most websites will setup the first user as the admin. They are automatically given the database ID number 1. Knowing this makes it easier to compromise the database and gain access to the site. We remove this database entry and create a new admin account with a random ID number.
6) Change The Database Table Prefix
Most websites use a database in order to function. A lot of them use a standard database prefix, which is just a method for naming the tables within a database. This can give hackers an advantage when trying to break into your site. We randomize all your database prefix’s with our security package.
7) Setup Automated Scheduled Backups
Even the most secure websites may be broken into. Therefore you need to have automated regular backups of your website. There are a number of different ways to do so. Be confident that even if your entire website is wiped out, that you can restore it with a recent backup.
8) Lockout The Admin Area During Off Hours
You don’t need access to your website admin area 24/7, so why make it available all the time? Chances are you’ll never need to log into your website at night for example. We lock it up during those hours. That helps protect your site from bad login attempts.
9) Block Known Bad Hosts
There are black lists of known bad hosts, which are used to break into websites. Our security package blocks them using a black list and prevents them from even being able to view your site. This point alone increases your WordPress security by quite a bit.
10) Protect Against Brute Force Attacks
Many website systems allow users to try to login over and over again. Hackers’ automated scripts go through dictionaries and commonly-known user names and passwords to try and break in. This is known as a brute force attack. We add an extra layer of protection by only allowing a set number of login attempts before the IP address is blocked from further attempts. So that we don’t permanently block legitimate users, these blocked IP addresses can be unblocked automatically after a set period of time.
11) Hide The Admin Area
Almost all website systems have their admin area located in the same place. This makes it easy for hackers to target it for attacks. The security package changes the website address of the admin area to stop automated programs.
12) Secure The .htaccess File
A website’s .htaccess file is extremely sensitive. If it gets hacked, the damage can be huge. We secure this file so that it cannot be altered.
13) Block Attackers From Scanning Your Website
The security package includes the renaming of sensitive folders which contain the content of your website. The use of non-standard folder names and locations prevents the hackers from being able to scan your website for potential weak points. They won’t be able to find anything if they don’t know where to look!
14) Automatic Notification Of Changed Files
If any of the files on your website should change, you can receive a notification. We can then launch an investigation and use detailed logs to see exactly which files where changed at what time. It is then possible to take immediate corrective action to remove any threats and get your site back to normal.
15) Prevent Long URLs
Hackers will take advantage of long URLs to inject malicious code into a website. We limit the number of characters which can be used in your site’s URLs. This eliminates complex attacks of this nature from affecting your website.
16) Remove Online File Editing Capabilities
In some cases you may be able to edit your website’s core files directly from within the admin area. If a hacker should ever gain access to this area, they could inflict a great deal of damage. To limit their capabilities we remove any core file editing capabilities from within the admin area.
17) Isolate Write Permissions To The Security Package
The two most sensitive files are the configuration file and the .htaccess file. We lock them down so that they can’t be altered, but allow our security software access to them in order to maintain your website’s functionality.
18) Remove Write Permissions From Sensitive Files
The website configuration file and the .htaccess file both need to be properly secured, as they contain highly sensitive information regarding how your website functions. We ensure that both of them cannot be altered by any malicious code by removing their write permissions.
19) Hide Your Website Software Version Number
Most website software displays the version number of the software being used. This is the type of information hackers use to find weak points which they can exploit. We turn off such displays as they don’t need to be shown to the public.
20) Rename The Content Directory
Your website has a content directory which holds all the information regarding the content of all your website pages. This includes the text, pictures, video, etc. We rename this folder to a non-standard name, which renders automated hacking software useless when trying to access those files.
21) Require SSL Connections
This security point is only possible if you have setup your website with an SSL certificate. If you have such a certificate installed on your website, our security package will ensure that the admin login area and the entire admin area have an extra layer of protection. This is accomplished by making access to those sections only possible via encrypted transmissions by using “https” instead of “http”.