Tuesday, January 18, 2011

How to protect your website from hackers

Website hacking is a rapidly spreading threat to websites. This article gives tips for protecting your web pages from hackers.

Instructions


  1. Always create a login. There are a huge number of new clients with existing sites whose entire back end does not even have a login. That is simply asking for trouble, and it shows the lack of knowledge the previous developer had.
  2. Try to avoid using Internet Explorer. Internet Explorer is vulnerable to some hacking tools such as spyware, and to other security issues, which make it a constant security threat. Install "Firefox" or another alternative web browser when using the web application or when training your clients on your new web application.
  3. Do not forget to update your open source applications. If you maintain any web sites, check regularly for updates to their web applications and install them on the sites.
  4. Always encrypt your web application's traffic with SSL so that no one can sniff the data you are transmitting back and forth. Sniffing is another way hackers can easily obtain usernames and passwords and get full access to your application.
  5. Change your password after 1 or 2 weeks. This method is typically used to resist hackers who manage to steal passwords.
  6. Always use strong passwords. Avoid using your last name, your first name or a simple word as the password for logging into your system. A good password is one that does not make any sense and is hard to remember. Use a combination of upper and lower case letters, digits, and punctuation to help protect against dictionary attacks.
  7. If you have installed a common open source application like "MediaWiki", "Movable Type", "WordPress" or "phpMyAdmin", it is normally installed at a default location like "wp", "admin", "phpMyAdmin", or another folder, which gives hackers a good guess at where your login screen is. Because these applications are open source, hackers can easily find old security lapses in the code and then exploit them if you have not yet upgraded your system. If you are going to install one of these applications, install it to a unique directory that is different from the default location. You will be safer from most hacking attempts.
  8. Another threat is "SQL injection attacks", which can grant a hacker direct access to your whole web application. To avoid SQL injection attacks, in a nutshell, make sure you are escaping variable data before running the SQL scripts that return login information for your system.
  9. Always link to open source software. Use a search engine to find web sites that link to WordPress.org and you will find thousands of blogs that link back to WordPress because they use the popular blogging software. In this case a hacker now has a list of potential WordPress blogs to exploit. Do not link back to the software you are using. That keeps your site from being listed as a potential hacking victim.
  10. You can take the following precautions:

      On the server level:

      1. Your server should have DoS protection.
      2. Use a strong firewall to keep intruders away.
      3. Use a strong password for all your services.

      On the application level:

      1. Sanitize users' data / use prepared statements / the MySQLi extension while interacting with the database.
      2. Make use of the htmlentities() function while rendering users' data.
      3. Use SSL when transferring sensitive data.
      4. Save the user's password with a strong hash (SHA1, SHA256) along with a salt.
      5. Set appropriate folder permissions.
      6. Validate the files that are being uploaded by the user.

      I am looking for others to add more to this list... Cheers!
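
The login lookup from tips 8 and 10, as an added example that is not part of the original post: the same user query built by string concatenation and with a bound placeholder, followed by a salted-hash password check. It uses Python with an in-memory SQLite database so it runs offline; the table layout, function names, sample user and the choice of PBKDF2 are assumptions of this example, and the `?` placeholder plays the same role as a MySQLi prepared statement.

```python
import hashlib
import hmac
import os
import sqlite3

HOSTILE = "nobody' OR '1'='1"  # constructed sample input containing a quote

def hash_password(password, salt):
    # Salted hash as in tip 10; PBKDF2 over SHA-256 is this example's choice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db():
    # Assumption: an in-memory table stands in for the site's user database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               ("alice", salt, hash_password("T4ble!lamp?Rain", salt)))
    return db

def find_user_concatenated(db, username):
    # 'Before' form: the input is pasted into the SQL text, so a quote in it
    # ends the string literal and the rest is parsed as SQL.
    sql = "SELECT username, salt, pw_hash FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchone()

def find_user_prepared(db, username):
    # Hardened form: the ? placeholder binds the input as a value, never as SQL.
    sql = "SELECT username, salt, pw_hash FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchone()

def login(db, username, password):
    row = find_user_prepared(db, username)
    if row is None:
        return False
    _, salt, stored = row
    # Constant-time comparison of the recomputed salted hash.
    return hmac.compare_digest(stored, hash_password(password, salt))

if __name__ == "__main__":
    db = make_db()
    print("concatenated lookup:", find_user_concatenated(db, HOSTILE) is not None)
    print("prepared lookup:   ", find_user_prepared(db, HOSTILE) is not None)
    print("valid login:       ", login(db, "alice", "T4ble!lamp?Rain"))
```

The concatenated lookup returns a row for a username that does not exist, while the prepared lookup returns nothing for the same input.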
