Keeping Your Domains and Websites Private and SecureApril 12th, 2012 @ 9:12 am
While webmasters are proud of their online creations, it’s often not in their best interest to reveal their identity as a site’s owner or other details about the technical aspects of the site. A lack of proper privacy measures for your sites can mean opening vulnerabilities for your competitors to exploit, so on a whole for most projects it’s best to minimize footprints and stay as anonymous as possible. Fortunately this isn’t as difficult as it may seem and as long as you use some common sense and avoid getting lazy, everything should be secure and safe.
All domains have an entry in the WHOIS database which anyone can access that contains the identifying information that you provided to your domain registrar. This is obviously not exactly a boon for us as webmasters and it’s preferable that we keep this information private. Luckily there is an easy way to do this- most registrars offer an option to hide your real WHOIS information for a small fee. Royalty Networks actually offers domain security for free when you register a domain. You can couple this with a CDN to further obfuscate your WHOIS entries.
Themes and Designs
Using the same or very similar themes across multiple sites is a no-no, it’s a very big clue that can tie together several different web properties and make it easier to track down their owner. This should not be an issue as there is an abundance of themes available from a variety of different designers for next to nothing. If you really want to be efficient and have fine-control over your designs but don’t want to learn the subtleties of a coding language then you can try using a WYSIWYG program like Artisteer- it lets you design site-wide themes with a user-friendly editor that lets you drag and drop everything into place, which makes it very easy to make a myriad of different-looking themes with just a few clicks.
We made an entire post about the importance of diversifying IP addresses between your sites, and it’s really as easy as scaling up as you need more of them- you can buy additional IPs no matter what hosting plan you use. Anyone can see the IP address of the server where you sites are hosted, so if you have multiple sites on the same IP it is relatively easy for someone to notice this and take advantage of it. Spread your sites across as many IPs as possible and don’t be afraid to scale up as you build more websites.
There’s always the constant threat of a hacker taking advantage of a vulnerability in your site’s code and wreaking havoc, so you should take some precautions to make this harder for them. The golden rule of defending your sites is to keep everything up to date all the time, check your back-ends often and install updates whenever they are available. Only install plugins and themes from trusted sources, and if you can accomplish something sufficiently without using a plugin then don’t be lazy and add yet another plugin to your installation when you have the option not to. If you’re on WordPress install something like Secure WordPress to automatically manage common vulnerabilities.