Protect Your Website

  1. Stay informed and be in touch with security related news.
  2. Watch traffic to your site. Put host-based intrusion detection devices on your web servers and monitor activity looking for any irregularities.
  3. Put in firewall.
  4. Configure your firewall correctly.
  5. Develop your web content off line.
  6. Make sure that the web servers running your public web site are physically separate and individually protected from your internal corporate network.
  7. Protect your databases. If your web site serves up dynamic content from database, consider putting that database behind a second interface on your firewall, with tighter access rules than the interface to your web server.
  8. Back up your web site after every update.