We do not mess with security…
Being virus infected or hacked can have serious consequences:
– Virus diffusion to your customers
– Misuse of social accounts (ex: LinkedIn)
– Misuse of your content and links for promoting 3P products – Pills, Pocker, Porn (ex: political science)
– Blacklisting by Google
In addition to always make updates to your CMS, to have daily backup of your servers, here are some ways to improve the security for your CMS :
- Changing URL to access log / pass of the back office.
- Allowing access to the backoffice only from your computers’ IP (via .htaccess).
- Complying with your log / passwords politics and governance guidelines (of course you have one!).
- Removing the footprint that allows to know the version of CMS and therefore its weaknesses ( same thing in case of update).
- Set the back office in HTTPS.
Of course, all these points must be checked annually, documented and shared for a good #governance.
