4 Bad Security Practices you should avoid

4 Bad Security Practices you should avoid

Henry David Thoreau said “If you have built castles in the air, your work need not be lost; that is where they should be. Now put the foundations under them.” The internet is filled with danger, there have been many incidence of hack, virus spread, fake people to name a few. Bad people are just waiting for the right time and means to damage your server, websites and do all sorts of evil on your enterprise. So, don’t make yourself an easy target, because in the world of cyberspace there are plenty of ways in, from OS vulnerabilities to web application security holes. Don’t be victimize know the reality of danger and AVOID the following practices:

1. Guessable Passwords –  Hackers normally use software tools to guess passwords, but many are easy enough to guess without them. Please do memorize your passwords and  secure the Web server computer and all computers on the same network with strong passwords.

2. Accessible Root Account – There is no reason for you to login as root on a regular basis, keep files for your Web application in a folder below the application root. Do not allow users the option of specifying a path for any file access in your application. This helps prevent users from getting access to the root of your server. If your SSH or any other service allows root logins, you will give attackers immediate access and full control.

3. Guest/Test Accounts – Sometimes you need to create a test account to make sure everything is working right. That is fine. The two mistakes are leaving the test account open indefinitely and making the password something like “test”. Do not name the user “guest” and make the password “test”. Be a little more creative.

4. “tamper Me” Scripts – Some scripts are known to be weak. For years, hackers exploited the old Formmail script that every other website used. Make sure the scripts you use are secure and from a trusted developer.

Despite the constant reminders and tips about security available in the internet there are still security breaches happening in the cyberworld. Perhaps the “worst practices”about  security are the ones that are either dropped or not followed. The topic of creating a secure Websites and application is extensive. however, it is essential to understand how to use these security features to counter threats and it will start from the basic.

Image credit@digitaltrends.com Source credit@thewebhostingnews.com

Get your web hosting in minutes visit www.mswebnetwork.netLike us on facebook@www.facebook.com/PhilippineHOSTING.. Choose our Web Hosting packages and avoid bleeding revenue and slow website for your business.