Introduction
As you may have noticed, hackers are making headlines. The purpose of this article is to share our recommendations for reducing the risk of your website being hacked.
Many people are surprised that hacking remains a real risk, wondering why anyone would be interested in attacking a simple hosting service. Here are a few reasons:
- to use your hosting service to send spam;
- to use your hosting as a tool for distributing viruses;
- for the pleasure of doing so;
- to create phishing pages; or
- to use your hosting to attack other sites (DDoS attacks).
Recommendations to Reduce the Risk of Hacking
Although our servers are state of the art in terms of security, this is no guarantee against hacking. You must ensure that certain conditions are met in order to maximize security.
Here is what we recommend to our clients:
- Follow all the steps in the article How to Configure PlanetHoster Products carefully.
- Use up-to-date CMS, modules, extensions (plugins), and themes from reliable sources.
- Regularly update all CMS on your hosting, as well as modules and extensions.
- Regularly check over FTP that there is no malicious code in your files (pay attention to modification dates).
- Frequently change your N0C/cPanel/MySQL/email passwords, choosing passwords of 18 characters (including special characters).
- Be careful how you store your passwords. It is a good idea not to keep passwords in your emails.
- Be careful who you give your passwords to.
- Run the antivirus (virus scanner) from N0C/cPanel on your entire hosting account every month and delete any infected files.
- Enable SpamAssassin in your cPanel to limit the number of unwanted emails as soon as they are received.
- For those who have a HybridCloud or reseller account, do not host multiple sites as companion domains on a single hosting account. Instead, opt for multiple N0C or cPanel accounts, depending on the platform used.
- When logging into your cPanel account, use port 2083, the secure (HTTPS) port (yourdomainname.ext/cpanel), instead of the unencrypted port 2082.
- When logging into your WHM, use port 2087, the secure (HTTPS) port (yourdomainname.ext/whm), instead of the unencrypted port 2086.
- Maximize the security of your CMS administration consoles by installing security modules, such as CAPTCHA or brute force protection, or protect access to them with an .htaccess file.
- Never use easy-to-find usernames for your administration consoles, such as Admin, root, or your name.
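
One way to carry out the modification-date check recommended above, as an added example that is not PlanetHoster's own tooling: it lists script files changed in the last few days and also flags files whose content date is old but whose metadata changed recently, since a modification date can be set to any value. The watched extensions, the `public_html` default and the 7-day window are assumptions.

```python
import os
import sys
import time
from pathlib import Path

# Assumed set of file types worth reviewing on a typical PHP-based CMS account.
WATCHED = (".php", ".phtml", ".js", ".htaccess")


def scan(root, days=7, now=None):
    """Return (reason, relative_path, mtime) for watched files changed in the window."""
    now = time.time() if now is None else now
    cutoff = now - days * 86400
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(WATCHED):
                continue
            path = Path(dirpath) / name
            try:
                st = path.lstat()
            except OSError:
                continue  # removed or unreadable while walking
            if st.st_mtime >= cutoff:
                reason = "modified"
            elif st.st_ctime >= cutoff:
                # On Unix, ctime is the inode change time. Old content date plus
                # recent ctime means chmod, rename, a restore that kept dates,
                # or a backdated timestamp: worth a look, not proof.
                reason = "metadata-changed"
            else:
                continue
            findings.append((reason, str(path.relative_to(root)), st.st_mtime))
    # Newest modification date first.
    return sorted(findings, key=lambda f: f[2], reverse=True)


if __name__ == "__main__":
    # "public_html" is an assumed web root name; pass your own as an argument.
    root = sys.argv[1] if len(sys.argv) > 1 else "public_html"
    for reason, rel, mtime in scan(root):
        stamp = time.strftime("%Y-%m-%d %H:%M", time.localtime(mtime))
        print(f"{stamp}  {reason:16}  {rel}")
```

Compare the output with the dates of your own updates and uploads; any entry you cannot account for is a file to open and inspect.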