Quick, Easy & Essential Cyber Security Tips


Mask Your Website Weaknesses

This is important!

Make it harder for scanners/ hackers to identify vulnerabilities/ exploit you - Even when your system is vulnerable!

Use generic error pages - For instance, silently redirect 404, 403 errors to your home page

Disable ALL error reporting on your system

Disable Directory Listing

Directory Listing enables an attacker access to restricted data: E.g backup, conf files forgotten in the web-root

In your .htaccess file, add this line: Options -Indexes

Else, having an index.html page in the directory prevents listing as well

Server Hardening

E.g To help prevent SSH login bruteforce attacks

Disable SSH root login

Limit failed SSH authentication attempts. E.g to 3

Use a different SSH port other than 22

Disable FTP; it's authentication is in clear-text (Use SFTP above)

Disable Telnet

Whitelist allowed ports: Typically: HTTP/S, SMTP, SSH

Preventing Injections

E.g SQLi, XSS, Command

Never trust any client generated input - Always sanitize it