{"id":5232,"date":"2019-06-14T14:00:31","date_gmt":"2019-06-14T12:00:31","guid":{"rendered":"https:\/\/assistance.groupemagiconline.com\/?post_type=ht_kb&p=5232"},"modified":"2022-11-28T09:15:14","modified_gmt":"2022-11-28T08:15:14","slug":"securite-de-votre-site","status":"publish","type":"ht_kb","link":"https:\/\/assistance.groupemagiconline.com\/en\/knowledge-base\/securite-de-votre-site\/","title":{"rendered":"Security of your site"},"content":{"rendered":"

Advice<\/h2>\n
\n

Obviously, we are not going to deal in a few lines with the innumerable problems related to the website security<\/a>. Entire books are devoted to this and computer security is a profession in its own right.<\/p>\n

We will limit ourselves to a few recommendations that considerably reduce the risk of one day being confronted with a disaster.<\/p>\n<\/div>\n

Software updates<\/h2>\n
\n

It's FON-DA-MEN-TAL! If there's only one thing you need to remember, it's this<\/strong>. Read carefully the following lines, they may save your life.<\/p>\n

More than 99% customers<\/strong>\u00a0victims of piracy are victims of piracy because they have not updated the software they use.\u00a0If you don't update your site, you can be almost certain that sooner or later your site will be hacked, no matter how big it is, how many people visit it or how important it is<\/em>\u00a0! Hackers use automatic bots that scan search engines and automatically exploit security holes in known software.<\/p>\n

Your host can't do anything for you<\/strong>\u00a0if the data you host has known security flaws. Our servers are obviously secure, but it is important to understand that hacking a site has nothing to do with hacking a server. We cannot protect you against attacks that target the programming code of your site.\u00a0We are a hosting company, not your webmaster<\/em>.<\/p>\n

You use a\u00a0CMS<\/acronym>\u00a0as\u00a0Joomla, Prestashop, WordPress, OsCommerce, PhpBB, Spip, Coppermine<\/strong>etc.? You should keep yourself informed on official websites and user forums about security updates and apply them. If you are not willing or able to do this or delegate it, then you should not use a\u00a0CMS<\/acronym>. The updates can be tedious, but they will always be much less tedious than if you had to face the impetuous passage of an indelicate hacker...<\/p>\n

The updates also concern the means of production of your site: software of creation of the site, client\u00a0FTP<\/acronym>\u00a0(FileZilla<\/strong>etc.), and more generally your PC: if it is infected, the virus can perfectly use your hosting to exploit it (phishing, spam, etc.)<\/p>\n<\/div>\n

Make your own backups!<\/h2>\n
\n

You can never have too many backups!<\/strong><\/p>\n

Back up your files, back up your databases with PhpMyAdmin, and\u00a0archive as much as possible on your computer<\/strong>\u00a0then periodically burn them on a DVD or copy them on another support (USB key, external hard disk...) so as to keep a copy even if something happens to your computer.<\/p>\n

Even if our offers include an automatic backup system,\u00a0this does not exempt you from making your own backups<\/em>\u00a0!<\/p>\n<\/div>\n

Confidentiality of identifiers<\/h2>\n
\n

The most \"effective\" way to get hacked is to leave your credentials lying around. Adopt a strict security policy from the start. Don't leave your credentials lying around, prey to hackers, viruses, Trojans, prying eyes... Keep your credentials in a safe place.<\/p>\n

If you change your passwords, choose completely random passwords that you learn by heart, or write down on a piece of paper. Avoid at all costs words from the dictionary (of any language!), proper names, actor's names, singer's names, your birth date, etc. Try to alternate numbers, lower case, and upper case. This\u00a0online tool<\/a>\u00a0will help you generate a good password. Be sure to use different passwords for each service to avoid chaining effects.<\/p>\n<\/div>\n

Protect what should not be visible to everyone<\/h2>\n
\n

You can easily restrict access to a folder to one or more users. To do this you just need to use the .htaccess file<\/p>\n

If you work with several people on a website, you can also restrict the access of each collaborator to a specific folder by\u00a0creating secondary FTP access<\/a>.<\/p>\n<\/div>\n

What can happen to you if you are hacked<\/h2>\n
\n

You'd be surprised how fertile a hacker's imagination can be. Here's what could happen to your site if a hacker exploits a security hole:<\/p>\n