• Webinar – Tips and Tricks on Website Security

    Yesterday we hosted our first free webinar on website security tips and tricks together with our friends from Stopbadware.org. The goal was to provide an overview of important tips on why website get hacked and blacklisted and what website or blog owner can do to protect their website. The webinar was moderated and presented by Max Weinstein, President and Executive Director of StopBadware and Anirban Banerjee, Co-founder of StopTheHacker Inc.

    Max began with an introduction to both companies, StopBadware and StopTheHacker followed by a short summary on the current status of the internet and the emerging threat for website owners and small businesses. The key metrics here were:

    • There are 8.97 billion pages on the Internet and
    • 55,381,895 WordPress sites
    • 85% of malware comes from the web
    • An estimated 1.6 million vulnerable users were exposed to drive-by downloads in one month across 58 popular (Alexa top 25,000) sites.
    • 931,490 URLs currently blacklisted by StopBadware’s data providers***
    • 9,500 websites get blacklisted by Google daily
    • Less then 5% of websites are protected (vs 99% of all PCs)

    Anirban continued by explained the impacts of your website getting hacked. A hacked website can lead to blackilsting by Google which ultimately results in unavailability in search engine results. Once blacklisted, it is unavailable for days, causing lost revenue and trust in your brand. After highlighting the disastrous impacts of getting hacked, Anirban explained in detail the most common methods of how websites get hacked:

    1. Poor choice of passwords (the most used password are still passwords like  123456, admin, mysite…)
    2. Insecure FTP connections, better alternative are SFTP or SSH
    3. Web application vulnerabilities like SQL injection or cross site scripting
    4. Third party add-ons for WordPress or Joomla etc.
    5. Server level vulnerabilities
    6. Infected PCs: Using an infected local machine can cause a website to become infected.

    Anirban concluded with detailed tips and tricks you can implement to reduce the risk of getting hacked:

    • Use strong passwords and try to set up difficult-to-guess usernames (such as “av21bx” instead of “Alex”)
    • Make sure to check your website frequently for web application vulnerabilities and malicious code. Vigilance can protect your visitors.
    • Use a website protection service like StopTheHacker that scans your site regularly for vulnerabilities and malware infections.
    • Install 3rd party plug-ins only from reputable sources
    • Make sure you regularly scan your local PC with at least one antivirus engine.

    Anirban finished the presentation with giving an overview of the important technologies which help you to protect your website. These are:

    • Web Malware detection service answering the question if your site is infected or hacked
    • Vulnerability Assessment answering the question if your site is vulnerable and might get hacked
    • Reputation and Blacklist Monitoring answering the question if your site is blacklisted

    With a Q&A from the audience and a final summary from Max the webinar was finished.

    You can view the full presentation deck below

    If you want to learn more about website security have a look at our other blog article or follow us on our social media channels like Facebook, Twitter or G+.

    Missed this webinar? Subscribe to our newsletter or leave a comment and we inform you when the next webinar is up for registration.

    Last but not least we like to thank our friends from StopBadware, especially Max for hosting this great webinar together with us and their constant fight against badware and hackers.

    • […] If you find this article interesting you also may want to check out the following blog articles: “10 tips to make your WordPress blog secure” and “Tips and Tricks on Website Security” […]

      Posted by stopthehacker.com | How to change WordPress password without having the access to wp-admin on October 9th

    • […] If you find this article interesting you also may want to check out the following blog articles: “10 tips to make your WordPress blog secure” and “Tips and Tricks on Website Security” […]

      Posted by stopthehacker.com | New product version 3.5 has been released on October 23rd