After my own servers getting hacked at the beginning of this year I have tightened up on security, done a LOT of reading about the topic and want to share some useful tips.
Read this link to find out the most used passwords and how the hackers use this to mess up your day.
If your password appears in this list of most common passwords, it is guaranteed that your site will be hacked at some point. Use www.peguta.com for your password generators and storing them. It’s FREE! Beats having a word doc that if lost – you are screwed!
Countless websites are compromised every day due to the outdated and insecure software used to run them. It is incredibly important to update your site as soon as a new plugin or CMS version is available. Most hacking these days is entirely automated, with bots constantly scanning every site they can looking for exploitation opportunities. It is not good enough to update once a month or even once a week because bots are very likely to find a vulnerability before you patch it. Unless you are running a website firewall like CloudProxy, you need to update as soon as updates are released. If running WordPress, I personally recommend the plugin ‘WP Updates Notifier‘ – it emails you to let you know when a plugin or WordPress core update is available. You should also follow @sucuri_security on Twitter to get notified about important updates and security warnings.
3. ONE SITE PER SERVER!!
Having unlimited sites on your hosting plan makes it easier for hackers. Once they get into one they can access them ALL! This is what happened to me.
Hope this is helpful. I use Securi.net as a firewall protection. It speeds up sites and you can forget about hackers and focus on whats good.