Preventing exploits

Here's a collection of thoughts for your average computer user, but they apply to all of us. The fewer exploited websites & computers there are on the internet, the safer we all are.

Passwords

Never recycle passwords

  • Password reuse is the number one reason we see accounts get exploited on a daily basis. Use a password manager.

  • Periodically check sites like Have I Been Pwned & change the relevant passwords after 3rd party breaches.

Use a password manager

There's no reason not to use a password manager these days: there's software that supports all budgets, operating systems & licenses of choice.

Name       Windows  MacOS  Linux  iOS  Android  BB
1Password  Yes      Yes    No     Yes  Yes      Yes
LastPass   Yes      Yes    Yes    Yes  Yes      Yes
KeePassX   Yes      Yes    Yes    No   No       No
KeePassXC  Yes      Yes    Yes    No   Yes      No

Indecisive? Here's a full list of password managers you can peruse until the end of time.

Most password managers can integrate with your browser & can be synced across devices, regardless of OS.

When in doubt, reset!

  • If you ever see an SSL-related connection error when connecting to a particular service (email, sftp, our control panel, billing, etc.), do reset the related password as a precaution.

  • After public wifi/travel: While traveling & using networks that might be of sketchy origin, keep a list of the passwords you use & change them during your trek and again after returning from it.

  • Sharing passwords: If you do have to share a password for any reason, change the password beforehand (so you're not sharing a password you may have inadvertently used elsewhere) & afterwards.

Software Security

Practice safe browsing

  • Use the latest version of your browser.
  • Disable Flash, or use a browser that allows you to enable it on demand, like Chrome.
  • Block ads: Software addons like uBlock Origin & EFF's Privacy Badger can really help.
  • On mobile, consider using Firefox Focus.

Keep software up to date

  • Keep software up to date, whether locally (your computers, tablets, phones) or on your hosting account.

  • Remove unnecessary software that could potentially be exploited — e.g. use as few plugins as feasible for scripts like WordPress, Joomla, Drupal & other content management systems. The same applies to your local computer: Less is more, but particularly with software that runs as a daemon (in the background).

Network Security

Avoid public wifi

Avoid public wifi connections whenever possible, but especially when using FTP, email, etc., unless you're connecting securely via SFTP, POP3 / IMAP over SSL, or another secure method. Even then, man-in-the-middle attacks are possible. These rules apply to laptops, cellphones, tablets, and any other device that can access networks.

Keep your router up to date

If you operate your own consumer-grade router at home, keep it up to date.

  • Make sure that it's using encryption. Avoid using unencrypted wifi.
  • Change the default password.
  • Disable any file sharing mechanisms it supports.
  • Turn off any remote access / remote management features.

US-CERT has some reasonable tips for securing your home network.

Don't share devices

  • Avoid using public computers, but if you do, change any passwords you've used afterwards.
  • Never assume that your friends, family & relatives don't already have viruses / trojans / etc. on their systems. The odds are against you in today's world.

Keep software up to date

  • Regardless of location, whether locally (your computers, tablets, phones) or on your web hosting account, keep your software up to date.
  • Remove unnecessary software that could potentially be exploited — e.g. use as few plugins as feasible for scripts like WordPress, Joomla, Drupal & other content management systems.
  • The same applies to your home computer — remove unused software, or software that is commonly exploited like Adobe Flash, Adobe PDF applications, etc.

Backups

Most importantly of all, keep backups. We've seen it time & time again, where something nasty occurs and there's nothing to restore to.

Bad things are going to happen

Bad things happen, period. Fires, theft, exploits, or even just bit rot [1]. Backup, backup, backup!

The 3-2-1 backup strategy

  • Keep at least 3 copies of your data.
  • Two local copies of your data on two different backup media (hard drive, USB key) in two different local locations in case of fire or theft.
  • At least one offsite copy, whether this is in a safety deposit box or a good friend's safe.

Back up only what's important, and remember: if you don't have backups, the data might as well not exist.
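
An added example, not part of the original page: a small Python check that a set of backup copies meets the 3-2-1 rule above and that the copies still agree file by file, which is how bit rot or a lost file gets noticed before a restore is needed. The dictionary layout, the function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from collections import Counter
from pathlib import Path

def manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def audit_321(copies):
    """copies: list of {"name", "path", "medium", "offsite"} dicts (a layout
    assumed for this example). Returns a list of problems; empty means OK."""
    problems = []
    if len(copies) < 3:
        problems.append(f"only {len(copies)} copies, need at least 3")
    if len({c["medium"] for c in copies if not c["offsite"]}) < 2:
        problems.append("local copies are not on two different media")
    if not any(c["offsite"] for c in copies):
        problems.append("no offsite copy")
    manifests = {c["name"]: manifest(c["path"]) for c in copies}
    for rel in sorted(set().union(*manifests.values())):
        digests = Counter(m[rel] for m in manifests.values() if rel in m)
        majority, votes = digests.most_common(1)[0]
        agreed = votes * 2 > sum(digests.values())  # strict majority of the copies
        for name, m in manifests.items():
            if rel not in m:
                problems.append(f"{rel}: missing from {name}")
            elif not agreed:
                problems.append(f"{rel}: no majority, cannot trust {name}")
            elif m[rel] != majority:
                problems.append(f"{rel}: differs in {name} (possible bit rot)")
    return problems

def demo():
    """Build three constructed copies in a temp dir, damage two files, audit."""
    with tempfile.TemporaryDirectory() as tmp:
        copies = []
        for name, medium, offsite in [("hdd", "hard drive", False),
                ("usb", "usb key", False), ("friend", "hard drive", True)]:
            root = Path(tmp, name)
            root.mkdir()
            (root / "photos.tar").write_bytes(b"holiday pictures")
            (root / "taxes.pdf").write_bytes(b"2023 return")
            copies.append({"name": name, "path": root, "medium": medium, "offsite": offsite})
        (Path(tmp, "usb") / "photos.tar").write_bytes(b"holiday pictureS")  # simulated bit flip
        (Path(tmp, "friend") / "taxes.pdf").unlink()  # simulated lost file
        return audit_321(copies)
```

Calling demo() audits the constructed copies; for real backups, pass audit_321 the actual mount points of each copy.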


  1. Bit rot goes by other names like data degradation, data decay, data rot or, our favorite, bit rot. For the not so faint of heart, read about it on Wikipedia.