Some easy steps to protect your websites and emails from hackers

Posted on 05 24, 2017

You might be aware that globally there have been increasing numbers of hacking incidents.

Recently, lots of Nepali sites specially trekking websites are being hacked and some have even faced financial frauds.

So, we at Moksha Design Studio have prepared a set of security strength checklist for website and email accounts. We strongly recommend you to take some time to take this steps to be safe from unwanted damage on your website, brand and company itself.

1. Use strong password.

Use complicated and unique passwords for each account. Don’t use same password for multiple accounts. Using a password again and again for multiple accounts, no matter how strong it can be, can open you up to other attacks. If one account is breached, that means others could be too.

We know that it is hard to remember complicated passwords, so we suggest to use password managers. There are lots of popular password manager apps and websites out there. You can use any of them. We have listed some of the popular ones below:

2. Don’t use cracked softwares and unknown browser extensions

Please avoid using cracked softwares or unknown softwares from torrent or pirate sites. Remove softwares you don’t need, regularly. Make sure you install softwares from trusted sources only. If you can’t remove extensions or your browser is already infected, please use one of the following tools to fix it.

3. [ important ] Setup two-factor authentication on your online accounts

Setup two-factor authentication on your website’s cpanel login, admin login and email accounts. Two-factor authentication works by sending a second password or code to a device you own and trust, like your phone. Setting it up bolsters your password considerably, and makes it far more difficult for someone to access your account. Most online accounts now support two-factor authentication. You can use following app to setup 2 Factor authentications:

4. System Update

Always make sure the CMS systems used in your websites such as WordPress and its plugins are updated. At Moksha, we are routinely checking website for updates making sure it is up to date. We are also developing a system to inform you whenever updates are installed on the website.
Also, either windows, mac or linux, make sure you keep your OS up to date. Please install windows update, macOS update to make sure your system is well patched.

5. Suspicious emails and links

Please do not open any suspicious files or links sent to you through email, if you don’t know source. Always scan emails for virus or malware using antivirus. Trust antivirus not your instinct.

6. Mac users! Don’t believe in myth that mac won’t get virus.
Mac can be affected by virus, ransomware and malware. You can use any paid Antivirus solutions for your system such as Kaspersky, Bitdefender, etc.

7. HTTPS on your website

Use HTTPS on your website. It protects you and your visitors from Man in the Middle attack. Also, HTTPS is ranking factor on SEO. If you are not sure how to install SSL certificate on your website, you can always contact your hosting provider to install SSL certificate.

8. Uninstall JAVA or Adobe flash

Both JAVA and Adobe flash player are prone to make your system exposed if you can’t keep them up to date. So, it is recommended to uninstall both of these software as we don’t need them on any of the modern websites.

9. Use an ad-blocker

Installing an ad-blocker to your browser, like Microsoft Edge, Apple Safari, Mozilla Firefox or Google Chrome, can help significantly reduce the number of tracking cookies that get installed on your computer. There has been number of cases where malwares were being spread through ads.

You can use any of the following ad-blockers for your browser:

10. Free Wi-Fi

We love free Wi Fi. But free Wi Fi can be vulnerable too. If you and hacker are on same network, they can easily capture any information sent through HTTP links. Please try to avoid open/public Wi-Fi was much as possible.

11. Email hosting

Through web hosting, you can always create your organization email. Nowadays, in terms of security, webmail doesn’t seem to be reliable. So, we recommend using paid email service such as Gmail for work or office 365.
Stop using email softwares. Use web based email services.

We strongly recommend you to stop using Outlook as it is a desktop software and if your computer is hacked then accessing your outlook software becomes easier.

You can also use a very good FREE email service such zoho.
Here are the benefits of  using web based independent email services:
  • Independent email service has their own security implementations such as 2 factor authentications, email controls.
  • Better interface than web mail. You can easily do basic things such as attaching document which is horrific in webmail.
  • Independent email services are pay as you go. You will require to pay per user. It depends upon service you use. For example: Zoho allows you to add 25 email addresses. More than 25 email address, you will require to pay on Zoho.
  • Email space. Though web mail allows you unlimited space for your emails, it uses space provided for your hosting. However, other email services are independent of hosting space. They don’t use any of the space allocated for hosting. Different email services provide different starting space. For example: Zoho provides you 5GB space per email address.
We hope that you take out some time to take these steps seriously for the website and company you have built with your hard work.


Leave a Reply

Your email address will not be published. Required fields are marked *