5 Reasons To Check Your Website Security and 10 Website Security Checks You Should Do On Your Site

A website security check reduces the risk your website will be hijacked by someone who wants to abuse your website for malicious intent, profit or just simply for fun.

Hackers who hijack your website for fun usually want to show off by replacing your site content with their own or redirecting your visitors to another website. But those who want to use your site for illegal purposes or profit don't usually want to be uncovered. So, you may not be aware your website has been hacked until it's too late.

Without doing a website security check for hacking activity you would not know your website is being probed for security weaknesses and worse still, if your site does get hacked you may not even know about it.

5 reasons why you should do a website security check

If a hacker installs malware on your website to infect your visitor's browser when they visit your website, Google will probably detect it before you do. They will then assign a visible warning next to your search listings that reads "This site may harm your computer." As well as warning visitors not to visit your web pages Google can remove a website from their index and it could take weeks to get it reinstated and many more weeks to get back your previously held search rankings. 
If a hacker gets into your email and webmail accounts they could send thousands of SPAM emails which can get your site email addresses black listed and cause your web hosting account to be suspended or terminated. 
If a hacker gets into your website databases they could extract personal data to use for fraud or sell for a profit. This could severely affect your reputation and the ability to process online payment transactions using any major credit card company. 
If a hacker gains access to critical parts of your website they can add their own files and scripts to redirect your visitors to another website or inject a Trojan virus. If the hacker sets up redirect links to websites that Google regards as "poor neighbours" or black-listed, the search engine ranking of your website and your visitor traffic will drop.  
If a hacker hijacks your website for fun your web page content might be replaced with obscene advertisements, spam or illegal gambling content. Not only could this be embarrassing for you, but it will also hurt your site rankings with the search engines. It could also be an infringement of your web hosts terms and conditions which prohibit the hosting of porn sites and gambling sites which could get your site shut down by your web host.

10 website security checks you should do on your website

There are some simple things you should do to reduce the chances of someone hacking your web applications, finding your script files or hijacking your website.

DO NOT leave FTP log files in directories after uploading via FTP as they contain useful information a hacker could use. 
DO NOT use free scripts that are not well supported or not kept up to date and KEEP your installed web applications and scripts up to date. 
DO NOT leave install files on your web server which the hacker could use to change your configuration settings and control your scripts. 
DO NOT use default locations and directory names during the installation of a web application or script to minimize the chances of a hacker finding your files. 
DO NOT upload   files that come with scripts as these could be downloaded by a hacker to learn about the scripts you have installed. 
DO NOT use simple or short numeric only passwords for login to admin areas and use a password ONLY once. 
ADD a blank index page to all directories that do not have an index page to stop a hacker listing the file contents of your directories in their browser. 
SET server file permissions carefully as badly designed scripts and poorly set file permissions can enable hackers to exploit your files and data. 
ROUTINELY check your website looking for files or folders you did not install. 
ROUTINELY use a website security checker to scan your website for weaknesses particularly after installing or updating a web application or script. 



To check if you have one or more of over 400 web applications installed on your website that could leave your site vulnerable to being hijacked, or to get a FREE security scan of your website visit our website security check page at   

For more information, please visit: Custom Checks
Comments