• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login
Top 10 Website Hardening Steps

Who is Responsible for the Security of Your Website?

May 17, 2019Josh Hammer

FacebookTwitterSubscribe

On a daily basis at Sucuri, we hear things like:

“My host takes care of my website security.”

“I have never been hacked, so why should I care?”

Or here’s a personal favorite:

“I’ll take care of it if (when) it happens.”

Let’s be honest, no one wants to think about the possibility of their site being hacked.

I have been in the website security industry for a few years now and have seen so many horror stories it’s unreal. From the newspaper editor who had a Pharma hack (Viagra ads) show up on her site, to the child-clown service with porn site redirects.

Imagine the damage these type of attacks can do to your brand reputation. Think about how long it would take for you to notice it? Do you visit your site daily? Would a person you don’t know be able to contact you if your site maliciously redirected visitors?

The Security of Your Website is Your Responsibility

Hosting Companies and Website Security

The reality here is that hosts are there to display your site (and they are very good at that). However, security is often an afterthought. The hosting market is so competitive that some are even advertising hosting for $1.99. Do you really think that for $1.99 you will have a fully secured site on top of that? I don’t know about you, but I was always told—you get what you pay for.

Some fully managed hosting companies do a pretty good job at securing your site. But even then, it is not their main concern. Only a company which focuses on malware research can keep up with changing hacking trends and attack vectors.

Who Cares More about Your Website?

At the end of the day, who has invested the most in your business success and your website? You, of course. So now that we know why, how about some simple hows.

How to Protect Your Website

You can subscribe to our website security platform and worry no more. However, if you are still not ready to take that step, there are ways to protect your site for free.

Have Website Backups

First, the fall back—backups. Every site should have a backup just in case %#@* hits the fan. The important part here is you should have multiple website backups and they should be off site. Don’t save your backup on the web host.

I mention multiple backups because we have seen malware lay dormant only to pop up after a month later and restore a backup with malware. This can be devastating.

Website Monitoring

Simple website monitoring means looking at file sizes either with a free plugin or on a manual basis. Website monitoring can tell you whether something has changed. For example, if a file has doubled in size and no update has been done, this should be an indicator that something malicious has been added to the file.

Website Protection

You should add protection to your website via a website firewall or rule sets. In short, a basic website firewall is a bunch of rules that define what can and cannot access a site.

You can manually do this. However, setting up rules can be time consuming and if you miss something, it could make the entire effort worthless.

Here are some examples of .htaccess rules you can use to mitigate threats to your website. Though this article is not very recent, it is still relevant and gives you an idea of what you can do given your time availability and technical know-how you might have.

Conclusion

In the end, it is usually easier and (since time is money) cheaper to hire a professional website security company to do it all for you. When you get to that point, let us know because we eat and breath website security and would be happy to take care of you.

FacebookTwitterSubscribe

Categories: Security Education, Web Pros, Website SecurityTags: Best Practices, Website Backup, Website Monitoring

About Josh Hammer

Joshua Hammer is Sucuri’s Sales Director who joined the company in 2015. His main responsibilities include sales, customer engagement, and general front-end operations. Joshua’s professional experience covers reporting, managing a team, and customer satisfaction. When Joshua isn’t working on technical support or office management, you might find him playing video games and board games. Connect with him on our Twitter.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Sucuri Sidebar Malware Removal to Signup Page

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2023 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.