Monday, August 31, 2015
Change the main website password (also known as the web hosting plan password) once a month. Use a combination of numbers, letters and symbols to form a secure password that is hard to guess or crack through hacking programs. For example, the password 'N3409Fn29aa' is harder to guess than 'sunshine29,'
Log in to each PHP script installed and in use (guestbook, blog, mailing list) and change their administrator passwords. Form difficult administrator password for each script that you're using on the website.
Update all scripts that are in use and are planned to be parts of the website in the future. Upgrade to latest available and stable versions by downloading them from the developers' websites. Update any security patches available through the developer. Outdated PHP scripts have insecure coding and are often hacked and injected with malware code.
Remove any scripts that are outdated and no longer in use. Delete the files off the web server or follow uninstall directions if available through your website's control panel.
Disable global directives and variables (which can be used to gain access to administrator panels and inject malware code) from your web hosting account. Alter the '.htaccess' file to secure the website and protect it from this common malice.