One of the topics that all of us online business people are aware of but usually don’t feel totally on top of is website security.
Coming from a background of having spent over 20 years in the U.S. military, and having spent four years as a software tester, I have a greater awareness of the need for continuous vigilance in this area than your average marketer.
I also know that you can never make your websites or your computers completely secure. Instead, you can only do things that reduce the risk.
Given that you spend a lot of time, money, and energy, building your online business, it only makes sense that you set aside time periodically to review security related issues, and to look for problems that can be easily minimized.
Here are a few easy “fixes” that you can implement today that will increase the security of your online business.
1) Delete outdated scripts that you no longer use from your server. Many of “the bad guys” have studied the exact same scripts that you use to power your websites, and they know where the backdoors and vulnerabilities are. They know exactly which file will allow them to create all kinds of havoc.
If you have old programs on your server that you are not using, simply delete them.
2) Update older scripts that you are using. Often, the reason that updates are released for a script IS to patch a vulnerability that the developer has become aware of.
YES, upgrading can seem time consuming, and it can be tempting to skip an update, and just wait for the next one. When you wake up one day and can’t access your server, or all of your websites have been defaced or erased, you’ll see the wisdom in ALWAYS keeping the scripts powering your websites completely updated.
If you are as non-techie as I am, you simply hire a trusted programmer to perform this task.
3) Change the default setting when installing scripts on your servers. Many scripts have default passwords, and default locations for critical directories that make these scripts work flawlessly. Since everyone obtaining a copy of these script have these settings, you probably want to change them, and you also may want to rename certain directories.
4) Secure your web logs. Many web hosts have a standard location for the website’s logs and statistics on each hosting account. The files that allow you to access, read, download, and manipulate this data often aren’t secured. At a minimum, password protect that directory.
The danger in someone readily accessing your logs is that they can see the names and paths of the files on your server, including your download pages and the file names of files that may actually be for sale products 
There are not only people who search on your product name, looking for unsecured files – there are also people who enjoy posting those links on sites where this type of information is shared.
5) Put an index page in every directory on your server. If someone surfs to the domain name of one of the directories on your server, and there is no index page in that directory, they will get a directory tree… showing them all of the files in that directory, and allowing them to simply click in a given file name to access it.
Servers can be configured to prevent this, but for many people, the quickest and simplest way to protect their directories from prying eyes is to stick an index page in each directory.
6) Give your download pages hard to guess names. Don’t use urls like YourDomain.com/ProductName/download.html Instead you want to give download pages names comprised of a random sequence of letters and numbers, perhaps stick them in directories not even associated with a given product, or use a “download guard-type” script that gives each customer a unique download link and protects your files.
There are a lots of other things that you can do to easily close common holes in your website’s security. This article barely scrapes the surface, and is intended more to make you aware of the problem, and to get your thinking about it. Make regularly reading articles and reports on the topic a part of your education in how to operate a successful online business.
Also published here.
…
Willie Crawford has been operating an online business for 13 years and believes that too many online marketers simply pretend that problems with website security don’t exist. For a really eye-opening report on website security, get the recordings of an interview Willie did with a leading web security expert at: http://timic.org/CloseTheDoor
Read more articles written by Willie Crawford
Related posts:
- Does Your Proposed New Company Name Open the Door to Ridicule?
People who intensely dislike your company or feel wronged by you will always find some way to complain. However, a lack of attention during the naming process can inadvertently make it easier for comedians, protesters and whiners to poke fun at your company. Before finalizing your new company name, run... - A Baker’s Dozen of Grocery Coupon Websites And Resources
Coupons, coupons, coupons. Have you got the idea? In the past, many people read newspaper and magazine articles about and watched news segments showing others who often food shop for free using coupons. The average family often does not have the time to organize and purchase food in bulk to... - A Business Lesson From The Australian Open
Yesterday, I just lounged around… hanging out with my little boy most of the day. Having breakfast, playing with leggo, pulling “The Bear With the Big Blue House” out of the cupboard and watching that. And playing with his mini-pool out in the backyard and let him splash me, water... - How to Open Up the Lines of Communication and Maintain a Healthy Relationship
When you start out in a relationship everything seems to flow. All is smooth sailing and you’re happy to do whatever your sweetie wants. You see only the good in them and want to spend as much time as possible with them. Communicating is a breeze and you both hit... - Webmasters: There Is Nothing To Fear About PHP But Fear Itself
I remember when I first started on the Internet as a webmaster. I remember I was so scared I was going screw something up, I was scared to death to install scripts into my website. My First Experience With Online Script Customization In those days, I had a mailing list... - The Difference Between SubDomains And Add-On Domain Names Basics
Let us assume that you have a very good domain name with you. Did you ever know that you could add and compliment another domain in addition to your existing domain name? These domain names are known by the names like sub domains or add-on domains. However, they are almost... - How To Uploading Your Podcast
Ideally, you will create a new directory on your web server for your podcast files. This will help you keep them separate from other website files, and make them very easy to find later. Your podcast should be saved in the .mp3 file format. It is also a good idea... - Using Link Bait To Attract Massive Free Traffic
Here is a technique I have long used to attract massive free traffic to some of my websites. Recently, more and more people are discussing this largely intuitive technique, and giving it a variety of names. The name I most embrace is “link bait.” “Link bait” is anything that you... - Top 3 Problems with Directories
Directories have existed since the early days of the Internet, even before Tim Berners-Lee created the World Wide Web. Originally, search directories and word-of-mouth were the only ways to learn about new websites. Google changed that! Today, search directories are used to build links into websites. But, by default, search... - Beginner’s Guide To Multiple Domain Web Hosting
Gone are the days when you had to open a separate account for each of your website. Since the past few years website owners have been able to enjoy the various advantages offered by multiple domain hosting services. As the name implies, this kind of hosting plan allows you to... - What Kind Of Backlinks Are Best At Helping Your Website In Google?
I was in the Warrior Forum, and someone asked what kinds of Backlinks are worth pursuing. This is my answer to that query. As an article marketing guy, I bet you can guess my answer. The answer is that you should have links everywhere your potential clients are looking to... - Link Building with Search Directories
In 1996, the founders of Google came up with the novel idea that links from other web pages can be used to determine the importance of a web page. The idea represents the level of importance using a logarithmic value between zero and 10. A Page Rank of 10 indicates... - Tips For Building Your First Website
New people are coming online everyday. And many of those people desire to turn their spare time into spare cash. So begins their journey. Selecting a Webhosting Provider Many begin their journey on a free website. There are actually many companies that offer these “free websites.” Here are a few... - What’s Your Excuse For Still Not Having A List?
One of the excuses we hear most often from struggling online marketers is that they don’t make more sales because they don’t have a list. We even hear that excuse from marketers who have been online three, or even five years. My question to them is always, “What are you... - Action List Part 2
□ Download and install Skype from http://www.skype.com. Play around with it, and see how it is used. Explore all of the features. □ Write a short podcast content outline or script, and phone in your first podcast. Download it to your computer. If you already have editing software, play around...