2.15.2.3. Recommendations for hacking protection

The most common way to hack sites is to use vulnerabilities in the code of the site scripts known to the attacker. Therefore, it is very important to keep both the site itself and its individual modules (plugins, design themes) up to date — update them regularly, refuse to use outdated versions of scripts that are not supported by their developers on a regular basis.

The second most common is password brute force. In this case, the attacker tries the most common (simple) passwords and words. It is easy to protect yourself from this method — just think over your passwords and make them more complex. Never use the same password for different services. The password should be no shorter than 6 characters, optimally 8-10. Never use words that are significant, especially for you, as a password. Of course, such a password is better remembered, but it is also easier to hack. It is just as easy to find passwords like mypass, pass1234, computer, dima2007, etc. An ideal password, from a security point of view, should be meaningless and contain numbers, letters (both uppercase and lowercase) and, if possible, special characters.

From time to time, change your login and password in the login credentials for the site, FTP, databases, etc.

Do not use the password saving feature of browsers.

Be sure to install a good antivirus program that protects your system in constant monitoring mode. Update your antivirus database regularly: even the most powerful antivirus is powerless against viruses if it uses a database that is a week old.

Install a firewall on your system: it constantly monitors network activity on your computer, prevents hacker attacks, unauthorized access to your data, and data transfer from your computer.

Do not store FTP passwords in browsers or FTP clients.

From time to time, change your password for FTP access.

Be sure to enable and add a list of trusted IP addresses in FTP security settings.