Our site www.viart.com site is operated by latest Viart Shop 5 with default Clear design
Printer Friendly Tell a Friend

Security tips against hackers

Dear Customers,

Today we will talk about security awareness. As a site owner you should know how to protect your site content and credit cards data. Nowadays hack attempts are more and more often, and statistics says in 90% of all cases hackers use the simplest technique - human negligence.

The Importance of Strong Passwords

Internet security is based on a “weakest link” principle; hackers are constantly searching to find the weakest link possible to give them access to a site. Very often that weak link is a weak password.

What can happen when you don't have a strong password to ViArt Shop admin panel? Someone can guess or crack your password, and among other things get access to your customers credit cards data. This is very serious, hacker can activate credit cards notification in Payment Systems > Payment Details Page settings and get an email with your customers cc data every time a purchase is made.

Your first line of defense is creating the strongest password possible.

Passwords should never include these:

  • The name of your site or your domain name (e.g. mysite for mysite.com)
  • Obvious combinations, such as "abc123", "mypass", "admin123", "yournamexyz", "yourname1"
  • Any part of the user name with a slight variation for the password e.g admin /admin11, michael /michael76 etc.
  • The words "password", "admin", "start", "go", "secret".
  • 123456, qwerty (letters on keyboard) or a similar string of sequential numbers or letters.
  • Words in the dictionary (there are programs that will run every word in a dictionary or word list against a user name in hopes of finding or guessing a password).
  • Any personal information at all (addresses, phone numbers, relatives, friends, pets).

It is also a common misconception that substituting certain letters for their “leet speak” equivalent (e.g. p@$$w0rd) make the password more secure. Any password cracking software will be trying these combinations as well.

Passwords should always:

  • Be at least six characters long.
  • Be unique to each login.
  • Be changed at least once a month.
  • Contain a mixture of upper- and lowercase letters, numbers, and special symbols, such as *, @, $, #, + ^, }, |, ), _ and others.

There are various methods you can use to create complex passwords that are impossible to guess but relatively easy for you to remember. One approach is to relate one of your favorite songs, poems, or quotes to the website or account in question. For example, you might start with the old saying, "A fool and his money are soon parted." You can easily whittle it down to "aF&H$RsP," for instance. Or a phrase "Jack is my favourite dog" can be converted to "j=I$mFd".

Another way to search for a strong password is using one of the websites below.
http://www.pctools.com/guides/password/
http://strongpasswordgenerator.com/

Changing to a secure password is a very small task. It takes only a few moments. But the damage that can be done to a site with weak login credentials is no small matter at all.

Rename "admin" folder

Another way you can complicate life to hackers is renaming your "admin" folder so that hacker wouldn't even know how to reach your admin panel. It's nothing difficult:

  • login to your hosting account via FTP, for example using a FileZilla program;
  • find the folder named "admin" and rename it to something more secure.

Here apply the same rules as for the password:

  • the new name for admin folder should not contain any dictionary words or your site name;
  • the new name for admin folder should contain numbers and special symbols (*, @, $, #, + ^, }, |, ), _).

Please remember after you change the folder name you should access your admin panel via this new name like www.site.com/new_name

Don't save passwords

Another common mistake when passwords are saved in browser or FTP client site manager. When you save a password you automatically make your site liable to hackers. Nowadays it's very easy to pick up a trojan even with an antivirus installed, and these trojans in most cases are programmed to scan all computer software on the subject of saved passwords and send them to trojan owner either to inject the site with malicious code or to steal valuable information.

It is probably a top 1 mistake how sites get hacked. That's why we strongly recommend to never save passwords!


We hope you listen to our tips and proceed to making them right away. Thanks for your time and attention.

Best regards,
ViArt Team.



Latest News   Latest
On Sunday 11th of November 2012 our servers will be updating hosting software including PHP version. It means starting from around 11:00 a.m. (GMT+0:00) you may experience some interruptions in service for a couple of hours.  read more...read more...