Archive for April, 2008

New Link Section

We have added a reciprocal link section which can be found at http://www.bizohost.com/links/

Feel free to add your link to our directory. However, before doing so, please be sure to add our link to your site, as this will be checked.

Thanks
BizOHost Team

How To Not Get Hacked

Keeping your site secure is a never-ending process. A lot of clients think that this task is solely up to their web host. While that is true on some counts, there are also a number of things that you can do to help make sure your site is secure.

We’ll look at a few of the many tasks involved in securing your site.

1) Picking a strong password

In my opinion, this is the most important part of keeping your site secure. Time after time we see orders where a customer whose name may be, let’s say, “James Jones” will select James as their username and Jones as their password. In other cases the user may try to use James as both their username and password.

Hackers, or anyone else trying to access your site without authorization, often have lists of commonly used username/password combinations. Picking a password which falls into this category increases the risk of having your account hacked.

cPanel has a great feature which will generate a secure password for you. However, if you want to create a password on your own, there are three rules you should always follow: use both upper and lower case letters, use numbers as well as special characters, and never use dictionary words. A good example of a strong password would be something like U3q$15Vk&!t@.
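The three rules above, together with the “James Jones” case, can be checked at signup. The following is an added example, not code from BizOHost or cPanel; the function name, the small word list and the look-alike character mapping are assumptions made for illustration, and the dictionary check goes one step beyond the text by also catching words disguised with symbol substitutions.

```python
import re

# Constructed sample word list; a real check would load a full dictionary
# and a list of commonly used passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "admin"}

# Look-alike characters mapped back to letters (assumed mapping):
# 0->o, 1->l, 3->e, 4->a, $->s, @->a, 5->s
LOOKALIKES = str.maketrans("0134$@5", "oleasas")


def password_problems(password, username, full_name, words=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    lowered = password.lower()

    # Rule 1: both upper and lower case letters.
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both upper and lower case letters")
    # Rule 2: numbers as well as special characters.
    if not re.search(r"\d", password):
        problems.append("needs a number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("needs a special character")

    # The "James Jones" case: password built from the username or the name.
    personal = {username.lower(), *full_name.lower().split()}
    if any(len(p) >= 3 and p in lowered for p in personal):
        problems.append("contains the username or part of the customer's name")

    # Rule 3: no dictionary words, including ones written with look-alikes.
    plain = lowered.translate(LOOKALIKES)
    if any(w in lowered or w in plain for w in words):
        problems.append("contains a dictionary word")
    return problems


if __name__ == "__main__":
    for candidate in ("Jones", "P@ssw0rd1", "U3q$15Vk&!t@"):
        print(candidate, password_problems(candidate, "James", "James Jones"))
```

Note that P@ssw0rd1 satisfies the first two rules and is rejected only by the dictionary check.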

2) Check for updates on the scripts you are using

Many times a customer will hire someone to set up a site for them. They may install a message board, blog software, or another script. As you only hired them for that task, in a lot of cases you have no further communication with them after setup and leave your site as is. However, site scripts, like your computer’s operating system, are updated pretty frequently. Many times these updates aren’t just feature enhancements, but patches for vulnerabilities in the software.

Not updating your software means that your site can still be damaged through these vulnerabilities. The better scripts often have notifications on the admin control panel which will tell you when an update is available. However, you should always keep a record of the scripts you have installed and check the developer’s site at least once per week to see if any updates are available.

3) Keep your computer updates current and use smart practices

Security for your web site starts right at your computer. How else do your files get published to your site, your email get checked, or your control panel get logged into?

If using Windows, you should have automatic updates turned on or check for updates frequently. At a minimum, you should also have an antivirus program installed as well as a firewall configured. Be careful about the software you install and make sure it’s from a trusted source. Even if you have followed steps 1 and 2, having a malicious program installed on your computer can make those steps useless.

These are only a few of the steps needed to secure your site as well as your computer. As said, this is a never-ending process.

A lot of times customers submit a ticket and say something similar to the following:

“Hi,

My domain is customersdomain.com and I forgot my password. Please reset it ASAP and send login details to email@randomemailaddressnotinoursystem.com as this is urgent

Thanks
Bye”

Any decent host would of course require you to submit verification details prior to completing the request. Let’s look into why this was a poor ticket.

At this point only two things have been established: the domain the customer wants the password reset for and the email address they want the password sent to. Nothing confirming account ownership has been provided.

Most of these requests do in fact turn out to be valid requests from the actual customer, but let’s say that wasn’t the case. As a customer, I’m sure you wouldn’t appreciate your account information being turned over so easily.

A better request would have been worded something like:

“Hi,

My domain is customersdomain.com and I forgot my password. Please reset it ASAP and send login details to my primary email address on file which is email@addressinoursystem.com as this is urgent.

The last four digits of the credit card on file for my account are xxx

Thanks
customer name”

First of all, we are assuming this email was sent from the address that is on file for the account. With most ticket systems, an email sent from your primary address automatically pulls up all your account information, linking you to the domain in question.

Providing the last four digits of your credit card, a PayPal transaction ID or other payment information further verifies ownership.

We don’t require this information to hassle you. This information is required to protect you and your account. The more relevant details you provide the better you allow your host to assist you.

When sending sensitive information, even just the last four digits of your credit card, it is advised to do this by logging directly into our ticket system, as this is secured, rather than sending it through email.
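The checks described in this post, applied to the two sample tickets, look like this when written down as a rule a support desk could follow. This is an added example, not BizOHost's ticket system; the `Account` and `ResetRequest` records, the card digits 4242 and the assumption that the poor ticket was sent from the same unknown address it names are all constructed for illustration.

```python
import hmac
from dataclasses import dataclass


@dataclass
class Account:                # hypothetical record held by the host
    domain: str
    email_on_file: str
    card_last4: str


@dataclass
class ResetRequest:           # what the support agent reads off the ticket
    domain: str
    sender: str               # address the ticket arrived from
    send_to: str              # address the customer wants the login sent to
    card_last4: str = ""      # payment detail offered as proof, if any


def review_reset(req, account):
    """Return (approve, reasons); approve only when every check passes."""
    reasons = []
    on_file = account.email_on_file.lower()
    if req.domain.lower() != account.domain.lower():
        reasons.append("domain does not match the account")
    if req.sender.lower() != on_file:
        reasons.append("ticket was not sent from the address on file")
    if req.send_to.lower() != on_file:
        reasons.append("login details requested to an address not on file")
    # Constant-time comparison of the payment detail offered as proof.
    if not hmac.compare_digest(req.card_last4.encode(), account.card_last4.encode()):
        reasons.append("payment detail missing or incorrect")
    return (not reasons, reasons)


# Constructed sample data based on the two tickets quoted in the post.
ACCOUNT = Account("customersdomain.com", "email@addressinoursystem.com", "4242")
POOR = ResetRequest("customersdomain.com",
                    "email@randomemailaddressnotinoursystem.com",
                    "email@randomemailaddressnotinoursystem.com")
BETTER = ResetRequest("customersdomain.com",
                      "email@addressinoursystem.com",
                      "email@addressinoursystem.com", "4242")

if __name__ == "__main__":
    for name, ticket in (("poor", POOR), ("better", BETTER)):
        print(name, review_reset(ticket, ACCOUNT))
```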