Backing up your account
There are numerous techniques that hackers can use to compromise a website, however the reasons these techniques are successful are usually because of:
- Vulnerabilities in the software you run on your hosting account
- Vulnerabilities in software that you run on your local computer
Vulnerabilities in the software you run on your hosting account
Most software that users run on their website is Open Source software. Open Source software is software that is freely available for anyone to download and use. For example, both Joomla and Wordpress are very commonly used, and they are both Open Source. One of the drawbacks of Open Source software is that anyone can download and view the software's code, which makes it easier for hackers to find ways to compromise a website. The authors of such Open Source Applications release updates and security patches on a regular basis. Please be sure that you are running the most current versions of any third party software on your website, as the most current version is usually the most secure version as well.
The following is a list of links, for Wordpress and Joomla specifically, that point to the software's own information about security:
WordPress
Wordpress.org - How to Keep WordPress Secure
http://wordpress.org/development/2009/09/keep-wordpress-secure/
Wordpress.org - Hardening WordPress
http://codex.wordpress.org/Hardening_WordPress
Wordpress.org - Upgrading Wordpress
http://codex.wordpress.org/Upgrading_WordPress
Joomla
Joomla.org - Joomla Security Center
http://developer.joomla.org/security.html
The Joomla Security Center includes information about their latest security news, their latest security articles, and more information in general about the Joomla Security Strike Team.
Joomla.org - Upgrade Instructions
http://docs.joomla.org/Upgrade_Instructions
Vulnerable plugins
Keeping any third party plugins / extensions on your website up to date is just as important as keeping the core software up to date as well. We've compiled a short list of links for more information about this topic as well.
Joomla
http://docs.joomla.org/Vulnerable_Extensions_List
Wordpress
http://codex.wordpress.org/Hardening_WordPress#Plugins
Did you code and develop your website yourself?
Common ways websites are hacked
SQL injection
http://en.wikipedia.org/wiki/Sql_injection
Code injection
http://en.wikipedia.org/wiki/Code_injection
Cross-site scripting (XSS)
http://en.wikipedia.org/wiki/Cross_Site_Scripting
Remote File Inclusion
http://en.wikipedia.org/wiki/Remote_File_Inclusion
Vulnerabilities in software that you run on your local computer
Adobe
Adobe.com Security bulletins and advisories
http://www.adobe.com/support/security/
For example, Adobe offers many popular products, such as:
Adobe Reader - http://www.adobe.com/support/security/#readerwin
Adobe Dreamweaver - http://www.adobe.com/support/security/#dreamweaver
Adobe GoLive - http://www.adobe.com/support/security/#golive
Microsoft
Microsoft.com - Windows Update
http://windowsupdate.microsoft.com/
Microsoft provides Windows Update to help keep your copy of Windows and other Microsoft products up to date. Be sure that your version of Windows has installed the most up to date security patches available.
Apple
Apple.com - Apple security updates
http://support.apple.com/kb/HT1222
Apple is well known for the security and stability that their products come with, but even Apple has to releases security updates. Please see the link above for more information regarding Apple security updates.
