2. Some questions
Do you have a website?
Can you make changes to the website
yourself?
Are you the business owner?
Are you responsible for the security of your
website?
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
3. Who is trying to hack your website?
Nerdy teenager who hacks out of boredom?
No! Professional hacker who is in it for the
money.
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
4. Why are they hacking your website
Your hacked website is used to earn
money illegally:
Extortion (you)
Virus → Extortion (your customers)
Spam → Fraud, more websites, social engineering,
money laundering, virus
Denial of Service attack → more websites, extortion
(anyone)
Etc etc
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
5. Good News
You only need to be more secure than others
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
6. How to secure your website
Choose a good password
everywhere
15 characters
Lower/ Upper case, Numbers, Special
characters
Prerefably random! (store in browser)
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
7. How to secure your website
Keep everything up to date
Your computer software and antivirus
Your website Content Management System
and any extensions
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
8. How to secure your website
Use a current and widely used system,
ie. Joomla, Wordpress, Drupal
To check any other system:
Search for “your_system security update”
Has never had a security update? → Its not
widely used enough
Has not had a security update in last 6 months?
→ Its either outdated, not widely used enough, or
even abandoned 17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
9. How to secure your website
Take responsibility from the top:
Website is Owner/ CEO business
Someone else might do it, ie. Web Designer,
but responsibility lies with you
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
10. How to secure your website
Don't allow website files to be
writeable and executable if not
necessary:
Need to be able to upload images/ files
Must not be able to install/ update without
unlocking
Must not be able to run scripts from images/17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
11. Have a backup
You need to test your backup every 6
months:
Ask for the backup frequency, eg. daily
Make a small change/ upload a file
Wait 24 hours
Remove file/ change and ask for it to be
restored
17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz
12. Checklist
Good passwords
Keep up to date
Widely used system
Owner/ CEO is responsible
Lock down access rights
Have a backup 17 Feb 2015
Securing your Website from being Hacked!
Jochen Daum Automatem Ltd, www.automatem.co.nz,
jd@automatem.co.nz