about us

simplewebhosting.co.uk blog simplewebhosting.co.uk blog


Archive for the ‘hints and tips’ Category

Are Your Passwords Strong Enough? Maybe Not!

Monday, December 10th, 2018

In a world where so many of the websites, apps and services we love are still controlled by passwords and phrases, there’s a worrying trend of keeping things too simple. Given that we can now log in and access sensitive data such as banking from our phones, it surely makes sense to always make sure that our access words are hard to guess.  But how many of us are actually doing that?

When it comes to our own services, we always advise on keeping things as secure as possible – but it’s high time you considered how secure you are actually making things.

What Makes a Password Secure?

It’s tempting to create a password that’s easy to remember.  A pet’s name, your mother’s maiden name, throw in the last two digits of the year you were born – you’re not likely to forget those details. However, password security has moved on massively, and we’re largely being advised to create long strings of characters and symbols to build truly unique phrases.

Strong passwords, on the whole, are phrases and words which are going to be difficult to predict outright. We recommend that anyone using our services considers using a mix of the following:

  • Upper and lower case characters (and not necessarily at the start of words)
  • Numbers
  • Symbols (valid keyboard entries such a £, %, & etc)
  • A phrase of at least eight characters long

Strong, secure passwords should also have no link to your personal life, tastes or history. ‘fluffy77’ is going to be far easier for unwanted hackers to guess than ‘YG^&9&dxxC$34’! You don’t even have to make your password that complex – think of a phrase, and shorten it with numbers – or write words backwards!

Why Strong Passwords?

The advice to create passwords you’re likely to remember is getting very old indeed. There are several reputable password locker programs available online, many of which are offered by antivirus services. Safari, Apple’s landmark browser, outright creates complex passwords for you whenever you sign up for something new. If you can’t remember the strong phrases you create, use a secure program or app to help store them.

All in all, strong passwords are here to help you. With hacking and intrusion growing ever more sophisticated, is it really worth still clinging onto that maiden name, or your favourite football team? Prevention is far greater than the cure – lock up safe with a secure set of passwords with little to no chance of intrusion.

Secure your WordPress installation

Tuesday, April 21st, 2015

We’ve recently been plagued with a number of hacking and spamming events caused by WordPress installations. Or, more accurately, out-of-date WordPress installations.

As great a piece of software as WordPress is, if it’s not kept up-to-date with the latest releases and security patches then it becomes a magnet for even the most amateur hacker. Scripts such as xmlrpc.php can be easily manipulated to send out large amounts of spam. You may not think this is an issue for you personally but if just one of those spam messages hits a spam trap, then the server’s IP address is blacklisted and other users will find they’re unable to send mail.

We’re not having a go at WordPress here. It’s a great piece of software and there’s a reason it’s the world’s most popular blogging platform, however you cannot simply install it and forget about it. It MUST be kept up-to-date. This issue is not restricted to WordPress of course – it affects any PHP software running on your server – WordPress is just more of a target due to the volume of installations out there.

There are many tools freely available that can ‘lock-down’ your WordPress installation – one we’ve played with ourselves is:

https://wordpress.org/plugins/better-wp-security/

It’s a WordPress plugin that’s available free, very easy to install and provides a run-down of the things you should do once you’ve installed WordPress (such as disabling the dreaded xmlrpc.php!)

There are server wide settings we can employ that will help stop some of these attacks however they also restrict genuine functionality which then causes more issues.

Are you using WordPress to power your blog?

Wednesday, March 4th, 2015

WordPress is the most popular blogging software available powering more than 60 million websites. This of course means it’s open to the most abuse.

We’re finding more and more attacks on our servers are caused by exploits in the WordPress software – not through any fault of WordPress itself but the fault of end users who are not applying the numerous patches and security releases that WordPress distribute each year.

It’s essential that if you have WordPress installed on your hosting account that you keep it up-to-date constantly; the software can even do it itself if you configure it that way! Let me say that again. You must always keep up to date with the latest version of WordPress.

There are also a variety of security plugins available to help ‘harden’ your WordPress installation and we’d recommend these too.

Is YOUR password secure?

Sunday, December 8th, 2013

passwordscloud

Passwords are an everyday part of our lives and are essential in protecting our most sensitive data; including our web data. But how secure is your password? At simplewebhosting.co.uk we regularly see examples of poor password choice and find it’s a constant battle to educate users in the importance of choosing a strong password.

Mark Burnett (xato.net) has used lists of leaked passwords to compile a master list of the 10,000 worst passwords; an astonishing 91% of all passwords used appear in the top 1000. Click on the wordcloud above – if you can see your password then you should change it now!

Here are some startling facts gleaned from Mark’s data:

  • 4.7% of users have the password password;
  • 8.5% have the passwords password or 123456;
  • 9.8% have the passwords password, 123456 or 12345678;
  • 14% have a password from the top 10 passwords
  • 40% have a password from the top 100 passwords
  • 79% have a password from the top 500 passwords
  • 91% have a password from the top 1000 passwords

So is it time to change your password? The answer is almost certainly yes!

We’ve recently introduced stronger password strength requirements meaning that no longer will you be able to pick cPanel or mailbox passwords that are insecure. We know that this will be a nuisance to some customers but we believe it to be an essential nuisance.

Did You Know … we’re open 24 hours a day?

Thursday, August 12th, 2010

In fact, we believe we’re the only UK web hosting company providing all its customers 24/7 freephone telephone support.

So whether you need web hosting support at 3am or have a sales question at 3pm – you can call us free any time of the day, and day of the year.

about us
top

blog blog

 
top

blog categories blog categories

 
top

blog archives blog archives

 
top

blog categories popular blogs

 

 
10 reasons 10 reasons to choose simplewebhosting.co.uk