Web Security – An Overview

security key

What is Web Security?

Let’s get the obvious out of the way. Web security is a collection of tools and personal habits used together to prevent unauthorized use or damage to something on the internet. Our customers host email accounts, websites, and virtual servers with us; all of which pose a risk of being compromised. Web security practices can help reduce the likelihood of being compromised and may offer more peace of mind to you.

Why People Hack Websites?

The first question that comes to mind is, why? In our experience, the general public is targeted for three major reasons: automated hacks (not targeted), competitor interference, and political activism. We will talk about each one separately but it should be noted that automated hacks refer to web crawlers that seek out known vulnerabilities and exploit them without human interaction. Most of the time this is just to cause havoc. Hackers may not care about your blog on cats but their automated systems don’t take into account what is on the site, only the system running it.

How is Web Security Compromised?

Recently, there has been an uptick in the reported number of scam calls and emails circulating the world. You may have gotten a call from someone claiming to be from social security or tech support that you don’t have, asking for money. A lot of people fall victim to this because they are uneducated in security and we are all vulnerable to being compassionate to our fellow humans. We want to believe them.

Web security compromises can be as sophisticated as inside jobs to as simple as a bad link in a well-timed email. If you are a blogger or small business with web hosting with us, your biggest risks are getting compromised by clicking links in unsolicited emails, using vulnerable software, and having weak passwords or refused passwords from previously compromised accounts. Passwords can be compromised by security breaches of a company you interact with, viruses installed on your local machine, and phishing attacks that trick you into entering your password into a site that looks like the one you want but is in fact an imposter. Our partners at Sucuri have written a similar article explaining how and why more in-depth. You can check that out here.

If you pull up your website in the browser and see it defaced, it is likely you are using software that has not been patched or has an unreported vulnerability. If you find yourself on an email blacklist, it can be because your email password has been compromised or you are using an unsecured email host that does not support SPF record validation.

How Do I Protect Myself?

The short answer is to be vigilant. When we investigate how a compromise occurred, we typically find that it came down to a user letting their guard down by skipping software updates, clicking links in unsolicited emails, and not using prescribed security software. Protect yourself by keeping your anti-virus software updated on your operating system, regularly check for updates for any website software (such as WordPress), do not click links in emails you did not solicit for, and use unique passwords. We highly recommend using a free password manager that works on computers and mobile devices, such as LastPass, found here.

How Elite Hosting USA Helps You

Our services are hosted on a world-renowned infrastructure of data centers connected in several different countries around the world. When we offer services, we provide them with security in mind. Our WordPress plans, found here, come with daily malware scans through Sucuri, an industry-standard security plugin for WordPress, and one-click backup and restores. Our Cpanel shared hosting plans are automatically updated with security patches and the newest features. You can learn more about those plans here. Want to monitor your website 24/7, get alerts when it appears on a blacklist, and get automated malware removal? We offer a service for that too. More on that can be found here. Most importantly, when you get hosting through us, you get access to the best of the best support who can help you understand and fix vulnerabilities and compromises you have experienced with your products through us.