Cross-site Scripting or XSS<\/strong>.Wordpress and Drupal are two major CMSes which are vulnerable to such attacks.<\/p>\n\n\n\nDon\u2019t link with the sites you don\u2019t trust<\/h2>\n\n\n\n
While SEO optimisation of the website you build number of backlinks to your website as a link building practice. You also run link exchange program as a part of link building. Many newbies in the SEO think that building thousands of links will increase search engine presence of the website. But its not true. Linking with low quality, low authority sites, maybe sometimes sites with adult content can completely mess up your website. These low quality, low authority website may run any script on your website and can show unwanted content on it. Moreover, with frequent updates of Google Penguin algorithms, Google can easily penalise the website and remove your site from Google search results.<\/p>\n\n\n\n
Don\u2019t allow spam comments<\/h2>\n\n\n\n
Allowing spammy comments to your blog, forums or while receiving any feedback from readers can be biggest threat to the website. Spammers or hackers are able to inject viruses by running any script through comment box. Sometimes they do so through \u201cwebsite name\u201d field in the comment feature. Best practise to avoid spam through comment box is to not allowing any HTML in comment box.<\/p>\n\n\n\n
Having proper designing of databases with correct validations and its security privileges<\/h2>\n\n\n\n
Use form databases with proper validations. For example, in the name field don\u2019t allow too many characters and don\u2019t allow special characters too. Please, understand that person\u2019s name cannot be more than 35 characters. Also, for the field like emails, phone you will need proper validation that accepts standard formats. Don\u2019t allow any HTML in message field.<\/p>\n\n\n\n
For each databases that you should create different user accounts. Assign only read and write access to them instead of giving all privileges like create database, create tables, delete tables or right to access any files on server. Never give root access of databases to anybody.<\/p>\n\n\n\n
Stop content spoofing<\/h2>\n\n\n\n
Hackers do attack on page content and modify it for malicious purposes. At some point later this content looks like legitimate content on the website. Attacker finds injection vulnerability for such reason. Most of the time attackers use web applications that gives some recommendations to users. For example, product bundles on e-commerce websites.<\/p>\n\n\n\n
Product bundles are the recommendations which tells users that you should or you would like to buy or that tells you might interested into these particular products or stock too. If such recommendations are coming via link to you, you should be careful. Because attackers find vulnerable parameter into that link and slightly modifies the parameters or valid request which you cannot notice easily. After clicking this link it automatically create webpage which looks like page from e-commerce website that you trust and you think this recommendation is coming from genuine website. If you do any transaction from such link, you may get cheated and loose money.<\/p>\n\n\n\n
Along with users, website owner should keep track on such things, because, say, you are using a parameter \u201cbuy+product\u201d in URL; attacker can modify it to \u201csell+product\u201d. So, it is better to have encrypted path for such web applications. Also, in some cases, these spam links also considered as website\u2019s own link( as it is from same domain, but only parameters are changed ahead of domain or any folder path) and may lead in loosing website\u2019s authority.<\/p>\n\n\n\n
SiteLock feature to hide identity<\/h2>\n\n\n\n
Features like SiteLock has ability to find any malware as well as it removes such malware found on your website. It keeps your site clean, prevents search engine backlisting and helps to keep your business running.<\/p>\n\n\n\n
Hiding Whois information<\/h2>\n\n\n\n
This protection helps you to hide your contact information such as registrant\u2019s name, address, telephone and fax numbers and email address. This information often used by hackers and spammers to compile the mailing lists and steal domains. Displaying this information may lead to many frauds and identity theft as well.<\/p>\n\n\n\n
Passwords<\/h2>\n\n\n\n
Keep changing passwords of server logins, control panel, admin panel, FTP logins, any CMSes (WordPress,Drupal, Magento etc.) and database logins of your website. Also, keep changing passwords for email logins, Analytics tools like Google Analytics, Google webmaster tool account, Google tag manager accounts. Hope, these tips will help you to have completely safe online business ! Thank you !!<\/p>\n","protected":false},"excerpt":{"rendered":"
It is always important to have clean and secure website in order to prevent it from search engine blacklisting, to increase its credibility and authority in the eyes of search engines like Google. Here are the top SEO recommendations and tips for website security. Migrating from HTTP to HTTPS From August 2014, Google started considering […]<\/p>\n","protected":false},"author":2,"featured_media":160,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[18,23,24,29,32,34,42],"class_list":["post-157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-archive","tag-digital-marketing","tag-https","tag-keyword-research","tag-marketing","tag-organic-traffic","tag-seo","tag-website-security"],"_links":{"self":[{"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/posts\/157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/smowdigital.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=157"}],"version-history":[{"count":0,"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/posts\/157\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smowdigital.com\/index.php?rest_route=\/wp\/v2\/media\/160"}],"wp:attachment":[{"href":"https:\/\/smowdigital.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smowdigital.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smowdigital.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}