Chuck Fields
/ Categories: Blog

Hackers never give up. Here’s how to keep your website safe.

How to stop hackers


I just spent the better part of this beautiful Saturday morning bullet-proofing a web application. No, it hadn’t been hacked. But it was a target. In fact, like clockwork our logs indicated an automated hack attempt every hour down to the second. The hack attempt was trying to reach non-existent pages in order to find a back door to our database. Fortunately we stopped them. This time.

I wish I could say moments like these are rare, but truth is we must always be vigilant when it comes to keeping our sites and data secure. It’s easy to become complacent when times are good, or when schedules are tight. But it’s equally important to monitor your site and error logs to stop these hack attempts before they get in. While they’re testing the waters, we need to sink their ship before they sink ours.

First off, are you absolutely certain your development team has taken ALL the precautions necessary to reduce the risk of a hacked site? If you’re working with an IT firm, are you confident they are doing their best to protect your site? While no one can guarantee any site is 100% protected, you can reduce the chance of a break in by following these steps:

Keep your site’s code up-to-date

Outdated code can be full of holes and become prime targets for hackers, especially automated attacks using known vulnerabilities. If your site has login functionality that hasn’t been reviewed or updated in the last couple of years then you are vulnerable. Even if your site was developed recently, it could still be vulnerable if the developer used outdated technology.

Keep an error log

Your site at the very least should capture and store errors in a database log or flat file. You should capture the type of error, when it occurred, what screen(s) or procedure(s) threw the error, and if possible the name and/or IP of the user. If you don’t have an error log get one—it’s a fairly simple process to capture web site errors and store them for a trusted developer. An alternative is to email these captured errors, but that can be server intensive and flood a user account with redundant emails, not to mention the user account must be actively monitored.

Review your error log regularly

An error log doesn’t do you any good unless you review it regularly. Count on at least weekly if not daily monitoring to at least get a sense of troublesome spots in your site. This will also help you detect if hack attempts are being made so that you can circumvent them before they do real damage.

Test your site for vulnerabilities

If you’re doing eCommerce you may already be familiar with PCI Compliance scans. These are a great tool to scan your site on a regular basis to identify any vulnerabilities. They’re also an excellent way to make certain your site doesn’t get out of date as these use the latest known methods for security testing.

Do you need a technology ally?

I’m available to personally coach you through the process of understanding how to remove bottlenecks in your business and help you use innovative technology and common-sense marketing to improve your business and increase your revenue.

If you’re ready to take the next step for your business, complete your free Project Assistance Questionnaire and learn more about how I can partner with you to increase profits, save time, achieve your goals and raise your business to new heights.


Contact me

Previous Article Confused by eCommerce? What you don’t know could be costing you thousands of dollars annually
Next Article May I have your credit card number please?
2835 Rate this article: