#nohacks

Like the graphic says.. #nowhiring #inhousedesigner #NoHacks I'll be doing the interviews. @fatlace #fatlace

Webmasters Help Hacked Sites Overview & My Tips ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ For this week's +Google Webmasters #nohacked campaign goo.gl/e92xqx I'd like to throw in my few suggestions on how to avoid your websites being hacked. I've started here with some of the most common vulnerabilities I've seen used by even the most primitive hackers. Far too often I have seen people concerned with advanced, or popularly discussed exploits, but forgetting to keep their bases covered with these basics. ① Update all website software & plugins ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ Out of date software is one of the most common ways I have seen malicious control of sites provided. Old versions of forums such as vBulletin, phpBB, IPB, etc. are often highly vulnerable. Old WordPress, Wiki, & many other CMS installations. For example Google: "wordpress version vulnerabilities" and you will find many specific flaws. The same goes for particular extensions, security fixes must be updated. There are countless sites listing version vulnerabilities (ie. CVEdexxxxxx listing thousands) & teaching either how to infiltrate sites, or how to secure them. Such as Attacking WordPress  Hackxxxxxx.com/attacking-wordpress/ ② Only use trusted plugins, exts & templates ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ There is plenty of free software, extensions, or templates, that can may be used for malicious purposes. Sometimes you actually get more than you don't pay for. Verify both the validity of the extension & the source where it was obtained. For that matter you also want to make sure that anyone given access to your site is also reputable & trustworthy. ③ Update all old email & website passwords ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ This is another one of the most common vulnerabilities I have seen & many people don't realize how far back the chain goes. A website password may be recovered through access to an old email address, or maybe you think you have a new email address, but that one was verified from an even older one. Be sure to also update ftp, MySQL Database & all other site related passwords. Sometimes a hacker need only follow a chain of email addresses to a site, or business, easily obtainable through outdated directories, forums, or Whois databases. ④ Do not use the same passwords everywhere ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ We already know that you should not use weak passwords, but you should also not use the same password to login to multiple sites, or services. Too often passwords are the weak link that may be used to gain access to your sites, accounts & data. That site you logged into for a free Justin Bieber poster <won't ask, don't tell>, now has access to your email address & password, with which other data of yours can easily be searched, collected & used to decide whether your sites are of particular value to be targeted. ⑤ Use Google Webmaster's tools & resources ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ Google has provided extensive tools to help webmasters with security. In my opinion far too few of these have been utilized at all, or sufficiently by the average webmaster. Make sure you are signed up to and use your google.com/webmasters account. Learn to use everything you fined in there, login to it frequently & avail yourself of its extensive tools, helps & resources. Lastly, use Google's great Hacked Sites resource ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ Google Webmasters Help For Hacked Sites              google.com/webmasters/hacked Please watch the attached (7 min) help for hacked sites brief Overview from Google Webmasters to continue. Help for hacked sites: Overview #GoogleWebmasterTools #NoHacks #WebsiteSecurity #WordPressSecurity #EmailSecurity http://click-to-read-mo.re/p/7AUi/5228541a