Quick, Easy & Essential Cyber Security Tips
.
List .
Mask Your Website Weaknesses
Make it harder for scanners/ hackers to identify vulnerabilities/ exploit you - Even when your system is vulnerable!
This is important!
- Use generic error pages - For instance, silently redirect 404, 403 errors to your home page
- Disable ALL error reporting on your system
Disable Directory Listing
Directory Listing enables an attacker access to restricted data: E.g backup, conf files forgotten in the web-root
- In your .htaccess file, add this line:
Options -Indexes
- Else, having an index.html page in the directory prevents listing as well
Server Hardening
This is important!
- Disable SSH root login
- Limit failed SSH authentication attempts. E.g to 3
- Use a different SSH port other than 22
- Disable FTP; it's authentication is in clear-text (Use SFTP above)
- Disable Telnet
- Whitelist allowed ports: Typically: HTTP/S, SMTP, SSH
Preventing Injections
E.g SQLi, XSS, Command
- Never trust any client generated input - Always sanitize it
Strongly Recommended: Try out our [Online Website Security Scanner] New!