A Free-Reprint Article Written by: Willie Crawford Article Title: Are Your Websites Secure Or Is The Back Door Wide Open?
See TERMS OF REPRINT to the end of the article. Article Description: One of the topics that all of us online business people are aware of but usually don't feel totally on top of is website security. Coming from a background of having spent over 20 years in the U.S. military, and having spent four years as a software tester, I have a greater awareness of the need for continuous vigilance in this area than your average marketer. Additional Article Information: =============================== 722 Words; formatted to 65 Characters per Line Distribution Date and Time: 2010-02-02 12:30:00 Written By: Willie Crawford Copyright: 2010 Contact Email: mailto:[email protected] For more free-reprint articles by Willie Crawford, please visit: http://www.thePhantomWriters.com/recent/author/willie-crawford.html ============================================= Special Notice For Publishers and Webmasters: ============================================= HTML Copy-and-Paste and TEXT Copy-and-Paste Versions Of Article Are Available at: http://thePhantomWriters.com/free_content/db/c/websites-back-door-security.shtml#get_code --------------------------------------------------------------------- Are Your Websites Secure Or Is The Back Door Wide Open? Copyright (c) 2010 Willie Crawford Willie Crawford Incorporated http://WillieCrawford.com/ezine.html One of the topics that all of us online business people are aware of but usually don't feel totally on top of is website security. Coming from a background of having spent over 20 years in the U.S. military, and having spent four years as a software tester, I have a greater awareness of the need for continuous vigilance in this area than your average marketer. I also know that you can never make your websites or your computers completely secure. Instead, you can only do things that reduce the risk. Given that you spend a lot of time, money, and energy, building your online business, it only makes sense that you set aside time periodically to review security related issues, and to look for problems that can be easily minimized. Here are a few easy "fixes" that you can implement today that will increase the security of your online business. 1) Delete outdated scripts that you no longer use from your server. Many of "the bad guys" have studied the exact same scripts that you use to power your websites, and they know where the backdoors and vulnerabilities are. They know exactly which file will allow them to create all kinds of havoc. If you have old programs on your server that you are not using, simply delete them. 2) Update older scripts that you are using. Often, the reason that updates are released for a script IS to patch a vulnerability that the developer has become aware of. YES, upgrading can seem time consuming, and it can be tempting to skip an update, and just wait for the next one. When you wake up one day and can't access your server, or all of your websites have been defaced or erased, you'll see the wisdom in ALWAYS keeping the scripts powering your websites completely updated. If you are as non-techie as I am, you simply hire a trusted programmer to perform this task. 3) Change the default setting when installing scripts on your servers. Many scripts have default passwords, and default locations for critical directories that make these scripts work flawlessly. Since everyone obtaining a copy of these script have these settings, you probably want to change them, and you also may want to rename certain directories. 4) Secure your web logs. Many web hosts have a standard location for the website's logs and statistics on each hosting account. The files that allow you to access, read, download, and manipulate this data often aren't secured. At a minimum, password protect that directory. The danger in someone readily accessing your logs is that they can see the names and paths of the files on your server, including your download pages and the file names of files that may actually be for sale products :-( There are not only people who search on your product name, looking for unsecured files - there are also people who enjoy posting those links on sites where this type of information is shared. 5) Put an index page in every directory on your server. If someone surfs to the domain name of one of the directories on your server, and there is no index page in that directory, they will get a directory tree... showing them all of the files in that directory, and allowing them to simply click in a given file name to access it. Servers can be configured to prevent this, but for many people, the quickest and simplest way to protect their directories from prying eyes is to stick an index page in each directory. 6) Give your download pages hard to guess names. Don't use urls like YourDomain.com/ProductName/download.html Instead you want to give download pages names comprised of a random sequence of letters and numbers, perhaps stick them in directories not even associated with a given product, or use a "download guard-type" script that gives each customer a unique download link and protects your files. There are a lots of other things that you can do to easily close common holes in your website's security. This article barely scrapes the surface, and is intended more to make you aware of the problem, and to get your thinking about it. Make regularly reading articles and reports on the topic a part of your education in how to operate a successful online business. --------------------------------------------------------------------- Willie Crawford has been operating an online business for 13 years and believes that too many online marketers simply pretend that problems with website security don't exist. For a really eye-opening report on website security, get the recordings of an interview Willie did with a leading web security expert at: http://timic.org/CloseTheDoor --- END ARTICLE --- Get HTML or TEXT Copy-and-Paste Versions Of This Article at: http://thePhantomWriters.com/free_content/db/c/websites-back-door-security.shtml#get_code ..................................... TERMS OF REPRINT - Publication Rules (Last Updated: May 11, 2006) Our TERMS OF REPRINT are fully enforcable under the terms of: The Digital Millennium Copyright Act http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.2281.ENR: ..................................... *** Digital Reprint Rights *** * If you publish this article in a website/forum/blog, You Must Set All URL's or Mailto Addresses in the body of the article AND in the Author's Resource Box as Hyperlinks (clickable links). * Links must remain in the form that we published them. Clean links should point to the Author's links without redirects having been inserted into the copy. * You are not allowed to Change or Delete any Words or Links in the Article or Resource Box. Paragraph breaks must be retained with articles. You can change where the paragraph breaks fall, but you cannot eliminate all paragraph breaks as some have chosen to do. * Email Distribution of this article Must be done through Opt-in Email Only. No Unsolicited Commercial Email. * You Are Allowed to format the layout of the article for proper display of the article in your website or in your ezine, so long as you can maintain the author's interests within the article. * You may not use sentences from this article as an input for any software that steals sentences from others in order to build an article with software. The copyright on this article applies to the "WHOLE" article. *** Author Notification *** We ask that you notify the author of publication of his or her work. Willie Crawford can be reached at: [email protected] *** Print Publication Reprint Rights *** If you desire to publish this article in a PRINT publication, you must contact the author directly for Print Permission at: mailto:[email protected] ..................................... If you need help converting this text article for proper hyperlinked placement in your webpage, please use this free tool: http://thephantomwriters.com/link-builder.pl Would you like to learn how to improve the performance of your article marketing campaigns? Download our F.R.E.E. 108-page Article Marketing Ebook at: http://thephantomwriters.com/ebooks/advanced-article-marketing.html ***************************************************************** * * This email is being delivered directly to members of the group: * * [email protected] * ***************************************************************** ===================================================================== ABOUT THIS ARTICLE SUBMISSION http://thePhantomWriters.com/ is a paid article distribution service. thePhantomWriters.com and Article-Distribution.com are owned and operated by: Bill Platt 3010 E Raintree Stillwater, Oklahoma USA 74074 Learn more about our article distribution services by visiting: http://thephantomwriters.com/x.pl/tpw/info/article-distribution/index.html The content of this article is solely the property and opinion of its author, Willie Crawford http://WillieCrawford.com/ezine.html --------------------------------------------------------------------- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ---------------------------------------------------------------------
