Website Security – Preventing the Worst

Website Security – Preventing the Worst

Strengthen Website Security

Creating & Storing Backups

One of the most important preventative measures for Websites is making sure you are creating and storing a local copy of your own backups. Although the GlowFrog Hosting ABS (Automatic Backup System) is running 24/7 to help preserve the integrity of your website data you should never rely on these backups alone.


It is encouragable to create and keep a safe copy of your own backups as well. As such we have developed these simple, three-step, Good Backup Practices to help you create and store your own backups, just-in-case!

As long as you follow the simple steps in our Good Backup Practices Page at least once a month, you should be protected against unfortunate data loss.

Downloading a Backup of Your Databases



Website Security and Hack Prevention

General Good Website Security Practices

1) Create Backups of Your Website(s) and Files
2) Always Keep your CMS (Content Management System) up-to-date with the latest version(s)
3) Always Keep your Plugins, Themes, Modules, Extensions etc. up-to-date with the latest version(s)
4) Install a Website Level Firewall Plugin or Anti-Malware Plugin
5) Scan Your Website(s) regularly for possible infections and vulnerabilities

» Free Subscription to SiteLock Security is included in all GlowFrog Hosting Plans.

6) Consider a Managed Hosting Solution if you are not comfortable managing the security for your website(s) alone.

7) WordPress Users View and Follow our Guide on Hardening and Securing WordPress.




Audit Themes and Plugins for Better Website Security

Web Software/Applications Vulnerabilities


The best Security System in the World will not prevent a break-in if the front door to your home is left wide open. The same can be said regarding Server Security. The best Server Security in the world will not prevent your websites from being hacked if a vulnerability is present in your website which would allow hackers to take advantage of this and gain access to your files or file server to upload or inject malicious scripts.


It is important to familiarize yourself with the Software you are using for your Website(s) in order to take the correct preventative and protective measures to thwart the attacks of hackers. This seems like a lot to consider, but we have broken the needed information down into smaller, easier to digest chunks below.




Vulnerabilities in Themes and Plugins

Website Security - Vulnerabilities in Themes and Plugins

To address Vulnerabilities in themes, plugins etc. the best practice is to ensure that all of the third party themes and plugins you are using in your site are kept up-to-date with the latest versions. These third party vendors often push updates to fix or patch known vulnerabilities this is why it is so important to keep updating them as new versions become available. It is also a good idea to uninstall any deactivated plugins or themes that you are not using. Average users are generally unaware that even though the plugins or themes are not active, they can still be exploited. Moreover, when you have plugins or themes that are not active, they are generally not receiving updates which means they are left even more vulnerable.


Common CMS Known Vulnerabilities



WordPress Complete Security Solution
How to Harden and Secure My WordPress Site
Hardening WordPress from
WordPress Security from
WordPress Known Vulnerabilities 2019
WordPress Exploit Database



How to Secure Joomla
Joomla Security Checklist
Joomla Known Vulnerabilities 2019
Joomla Vulnerable Extensions



How to Secure Prestashop
Prestashop Security Discussion (forum link)
Prestashop Known Vulnerabilities 2019
Free Prestashop Security Module




Using Strong CMS Passwords

Use Strong CMS Passwords

Another good security practice for your website is ensuring that you are using Strong Username and Password combinations. Avoid using common usernames such as: Admin, Administrator, User etc. and simple passwords such as: Password, Password, Pass123, TempPass etc. Below is a link to a list of the most commonly used passwords which you should avoid:

View List of Most Commonly Used Passwords

◦ Avoid using the same username and password combinations accross multiple applications.

◦ Use a Secure Password Generator:

Visit, (a Trusted Site Used to check your password against Database Breaches) frequently to check if your password has been compromised.

You can even use the “Notify” tab on HaveiBeenPwned to be automatically notified in the event of a breach containing your email address or password.


How useful was this post?

Let us know what you think!

Average rating 5 / 5. Vote count: 2

No votes so far! Be the first to rate this post.

Thanks for rating our post!

Don't forget to follow us on Facebook for more great tips.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?