How to prevent your online assets getting hacked with just a few clicks......
This self help guide will show you how to properly secure and protect yourself against the onslaught of hackers and various other criminal activities currently plaguing the internet and other online users.
Your computer and web browser needs some serious changing and updating of settings.
We fortunately have already covered these options, so please click here to get started with securing your computer system and default browser { All Chromium based browsers e.g. Chrome, MS Edge, Vivaldi, Brave, Opera etc. }
Protecting your website is currently the utmost important security step you must make as hacking, ransomware, and data theft is at the order of the day, whether from local criminals or international state sponsored terrorists. You have probably read about all the hacks and ransomware attacks on local and international companies. The Colonial Pipeline ransomware attack, in Florida USA, is one of the largest attack to date.
I should let you know about our situation and what we have done to secure ourselves — our website is currently under attack from China, Iran, North-Korea, and Russia, and other various criminal and terrorist organizations. CloudFlare has done an outstanding job of securing and protecting our website from all of these threats and bad actors.
Now the following step is just for securing and protecting your website against the above mentioned criminal behavior. I am not affiliated to CloudFlare, promoting, or are endorsed by them to write this help guide, but they are currently the fore runners in online security.
We ourselves are using their free service and I must confirm that their security is outstanding. Everything I'm going to write that you must do, will be on their free service package, so this will not cost you a cent to secure and protect your website! If you follow the below steps, your website will be safe and secure against any type of attack whether DDOS, Hacking, or data scraping by bad bots.
It should take you about an hour to fully move your website's access, security, and traffic through CloudFlare. Results may vary depending on how fast your website's registrar changes your DNS servernames to that of CloudFlare's. Remember to write down the old DNS Nameservers and the new DNS Nameservers from CloudFlare once they have been given to you just to make sure you don't loose them.
Just in-case there are any hiccups, you may simply change and return to the old DNS nameservers.
Action One: Create and account and get yourself on the CloudFlare bandwagon...
Action Two: Change your DNS nameservers at your domain registrar to Cloudflare's servers.
Action Three: Recommended enhancements after your website is up and running through Cloudflare:
3. End-To-End HTTPS with Cloudflare
4. HTTP Strict Transport Security (HSTS)
Our site is currently fully encrypted from the front-end right to the origin server back-end...
If you have any doubts as what to do or have any queries, you may contact CloudFlare support (Click on the bottom button labeled "Get more help"), the CloudFlare Help Center, or go to their Community Forum and ask for assistance there.
Here are some custom settings you may want to take a look at for enhanced security and website operation.
If you have any other questions, try their Main Starter's Page for new customers.
To minimize unnecessary traffic on your website and also to block malicious visitors from aggressive foreign countries, you can go to the FIREWALL option and under the "Firewall Rules" tab create a blocking rule.
You may ask yourself this... why would you want to block a whole country? Well, the answer is simple, if your website only serves your own national region or is only available in one language, there is no use for other countries accessing your website.
This action will also minimize the risk of your website getting hacked from foreign aggressive and/or malicious foreign countries. Our website blocks over 50 international countries world wide including all TOR nodes. Don't be fooled, hackers also use TOR nodes for their own purposes, so blocking it will only enhance your security further.
Take note - Also check that your website's origin I.P. address is whitelisted/allowed under the firewall's "Tools" list, otherwise you will not be able to access your website.
Russia, Iran, Ukraine, and China etc. have the least amount of people able to read and speak English or have any use for western websites with English content. So blocking these countries also protects your website against malicious actors, hacking, and DDOS attacks by default.
Our website is currently suffering over 50 000 attacks from these countries each month.
So simply create a firewall rule like below:
Field >> Country = China
Or
Field >> Country = Iran
... and continue until you feel satisfied you've got them all!
... at the bottom of the selection... Choose an Action >> Block
The more countries you block the less likely it is for hackers and other malicious actors to access, destroy, or ransomware your website. Some hackers also don't access your website directly from their home countries, so blocking as many countries as possible reduces the risk to your website.
I have discovered that Chinese and Iranian hackers use VPNs and proxies in western countries like the Ukraine, Czech, Singapore, Malaysia, Korea, Poland, Hungary etc. to launch their attacks against our website.
There is also a "Bot" tab on the FireWall main tab. You would be advised also to enable or switch on this option. There are a lot of bots roaming the internet searching for ways to enter your website and steal personal data, or simply scraping your website for data and information about you. Don't be concerned that this option would block any search engine crawlers, as crawlers are not part of this option, just BOTS!
Your website will still be found by search engines.
Last but not least, if you have access to your htaccess file, you may want to add these few lines to it to protect direct access to your folders and indexed files:
#Don't display all your folders as an index
Options -Indexes
DirectoryIndex index.htm index.html
# This prevents web browsers or spiders from seeing your .htaccess directives:
<Files "\.(htaccess)$">
Order Allow,Deny
Deny from all
</Files>
You can place them at the top of your htaccess file.
If you feel uncomfortable placing your website in the hands of a security company, you may try going it alone with the next best option: 7G Firewall for your htaccess file available for any Apache or Nginx powered server. There is also a free WordPress plugin called BBQ and a BBQ Pro (premium version) option for your WordPress website.
These options are completely free(except the premium version) and is available from Jeff Starr as a download. It is a simple text file that you download.
The 7G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. 7G is an easy-to-use, cost-effective way to secure your site against malicious HTTP activity. It helps to protect against evil exploits, ill requests, and other nefarious garbage, such as XSS attacks, code injections, cache poisoning, response splitting, dual-header exploits, and more.
Well... there you go, if you have followed all of the above guidelines, your whole system right from your computer through to your website should now be safe and secure from any online threats.
...Go Online and enjoy complete productivity freedom...
We're just two guys in a garage, what else is new... right?
It's almost a cliche, or is it? I don't know, maybe...