4 Essential Website Security Steps to Help Prevent You from Being Hacked

Share this post

Submit to DiggSubmit to FacebookSubmit to TwitterSubmit to LinkedIn

Website Security

We've all heard stories of websites getting hacked. A hack can come out of the blue, damaging your website and costing you valuable time and money. But, do you know how to prevent your website from getting hacked?

Is your website Fort Knox or a sitting duck? Contact me to find out!

Most website hacks are preventable. Follow these 4 steps to reduce the chances of it happening to you.

STEP 1: Ensure your website developer uses best practices

Your website developer plays an important role in the security of your site. Poor internet security practices can contribute to website vulnerability and breaches.

Ask your developer what internet security measures will be - or have been - put in place.

Best practices include:

  • appropriate file permissions
  • an .htaccess file
  • password protected directories
  • special PHP directives
  • SSL Certificate
  • and more...
Also, your developer should only recommend extensions made by reputable software developers.


For more best practices read Hacker's Calling Card

STEP 2: Choose a hosting company that makes security top priority

Many website hacks are due to poor website hosting server security. I've received calls from several companies whose hacked websites were using the same well known (cheap) hosting company. Like most things in life, you get what you pay for.

Not all hosting companies are created equal.

When you select your hosting company, look for their server security information. A good web hosting company will boast about their security methodology. Choose them!

Rochen Web Hosting - site opens in new page

I trust Rochen Hosting with my websites - contact me to see if Rochen is right for you.

STEP 3: Keep your website software and firewall up-to-date

Your website has likely been built using a content management system (CMS) software such as Joomla, Drupal or WordPress. When your CMS developers release an update - which may include bug fixes, critical vulnerability patches, and new features - it's imperative you update your version as well.

Outdated software is a common reason for many hacked websites. Contact me to learn about our website software maintenance service.

BONUS TIP: don't forget to backup your website after each update. This ensures you'll always have a clean site to roll back to in the event of a hack.

Firewall software provides your site with an additional layer of protection and can thwart a wide variety of hacks. I've been using RSFirewall! for years and also offer firewall installation and configuration as a service.

See RSFirewall! in action below, showing the frequency and types of attacks blocked on THIS site.


Learn how RSFirewall! can help protect your website from being hacked.

STEP 4: Use strong usernames and passwords

IBM’s 2014 Cyber Security Intelligence Index reports that 95 percent of all security incidents involve human error. Many of these due to the use of default usernames and passwords or easy-to-guess passwords.


If your website has been hacked, it's likely been hit by a BOT - an evil little script that crawls through the internet looking for a site to devour. The most common login names bots use to break through a website's back door are "admin" and "administrator".

Don't use admin or administrator.
Do use a unique username (at least 8 characters) that you've not used for any other online account.

Example: msJ3Nskey2Enter  (Ms Jens Key To Enter)

Don't use a word that is related to an aspect of your life, such as the name of your first pet, the city you were born in, your mother's maiden name or your date of birth.
Do use a password generator. Make your password at least 12 characters long, includes lower and uppercase letters, numbers, and one or two special characters.

Example: JGrNYV4a5wd!?4*X

Try this FREE online Dashlane Password Generator

READY? Suit up!

No website is completely hack-proof but take heart... the Russians are not likely after you. Your challenge is the onslaught of bad bots and rookie hackers. If you follow these 4 steps, you will have greatly increased the chances of your website surviving the wild wild web.


Questions? Contact me to chat about your website's security!

Jen Duguay of JenTekk Web Solutions

Founder (2001) and owner of JenTekk Web Solutions. Joomla CMS website developer. Creative, quirky, analytical, adventurous. Fueled by faith, hot yoga and coffee.
A bit more about Jen.

Posted in Website Security


We'll meet for coffee or chat on the phone. You share your thoughts, we listen carefully, ask a few questions and offer some ideas - it's that easy.

(604) 510-2781   //   Contact Form

Copyright © 2001 - 2023 JenTekk Web Solutions. All Rights Reserved.
Professional website design company based in Langley BC, serving Greater Vancouver and Fraser Valley area.
Proudly powered by Joomla CMS - free Software released under the GNU/GPL License.

JenTekk is not affiliated with or endorsed by the Joomla Project or Open Source Matters.
The Joomla logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.