2.15.2.3. Recommendations for protection against hacking

The most common way to hack sites is to use vulnerabilities known to the attacker in the code of site scripts. Therefore, it is very important to keep both the site itself and its individual modules (plugins, themes) up to date at all times — to update regularly, to refuse to use outdated versions of scripts that are not supported by their developers on an ongoing basis.

The second most common is password guessing. In this case, the attacker tries the most common (simple) passwords and words. It is easy to protect yourself from this method — it is enough to think over your passwords well, to make them more complex. Never use the same password for different services. The password should be at least 6 characters long, optimally 8—10. Under no circumstances use words that are meaningful, especially for you, as a password. Of course, such a password is better for remembering, but it is also easier to crack. Similarly, it is easy to guess passwords like mypass, pass1234, computer, dima2007 etc. An ideal password, from a security point of view, should be meaningless and contain numbers, letters (both uppercase and lowercase) and, if possible, special characters.

Change your username and password from time to time in the site access details, FTP, databases etc.

Do not use the save passwords feature in browsers.

Be sure to install a good antivirus program that protects your system in constant monitoring mode. Update your anti-virus database regularly: even the most powerful anti-virus is powerless against viruses if it uses a database a week ago.

Install a firewall (firewall) in the system: it constantly monitors network activity on your computer, prevents hacker attacks, attempts to unauthorized access to your data and data transfer from your computer.

Do not store FTP passwords in browsers or FTP clients.

Occasionally change your FTP access password.

Make sure to enable and add the Trusted IPs list to FTP security settings.