改善网站安全性的5种方法

Here you will know about some important website security tips.

在这里，您将了解一些重要的网站安全提示。

Owning a website is similar in a lot of ways to owning a brick-and-mortar store. It serves to promote and advertise your products and services, it’s a good place to look if customers would like to contact the owners, and, like any location that stores valuable commodities, it’s vulnerable to security breaches. In recent years the number of data breaches taking place worldwide has spiked considerably, but many webmasters still haven’t taken the necessary steps to tighten web security and prevent potential data thefts. And if you’d like to create the perfect website, then security should really be at the top of your priority list. Below, we’ll address a number of security tips that webmasters should be enforcing to keep their sites safe and secure.

拥有网站在很多方面与拥有实体店相似。 它用于宣传和宣传您的产品和服务，是查看客户是否希望与所有者联系的好地方，并且，就像任何存储有价值商品的地点一样，它很容易受到安全漏洞的破坏。 近年来，全球范围内发生的数据泄露事件数量激增，但许多网站管理员仍未采取必要措施来加强网络安全性并防止潜在的数据盗窃。 而且，如果您想创建一个完美的网站 ，那么安全性应该真正放在您的优先列表中。 下面，我们将解决网站管理员应执行的一些安全提示，以确保其网站的安全。

Image Source

图片来源

改善网站安全性的5种方法 (5 Ways to Improve Your Website Security)

安装SSL (Install SSL)

If you have a website that sells anything or deals with sensitive customer information then it’s vital that you install SSL. Secure Sockets Layer encrypts communication and data sent between your website and its server, preventing anyone from intercepting that traffic and deciphering the data for their own uses. To determine if your website’s SSL is watertight, you should be using an SSL checker like the one offered by 1&1 to determine whether there are any potential security gaps. Secure pages with an SSL certificate means that visitors will be able to see that the site is trusted and protected.

如果您的网站出售任何商品或处理敏感的客户信息，那么安装SSL至关重要。 安全套接字层对您的网站与其服务器之间发送的通信和数据进行加密，从而防止任何人拦截该流量并解密供自己使用的数据。 要确定您网站的SSL是否防水，您应该使用1＆1提供的SSL检查器来确定是否存在潜在的安全漏洞。 带有SSL证书的安全页面意味着访问者将能够看到该站点是受信任的和受保护的。

强制使用强密码 (Enforce Strong Passwords)

Creating an uncrackable password might be out of reach for most people with ordinary tech skills, but there are steps you can take to ensure your passwords are tough and hard to crack. Be certain your password is of considerable length, use a combination of upper and lower case letters as well as a few symbols thrown in the mix for good measure. It’s also prudent to change your passwords regularly, and use a different password for each device that you own.

对于大多数具有普通技术技能的人来说，创建不可破解的密码可能是遥不可及的，但是您可以采取一些步骤来确保您的密码难以破解。 确保您的密码长度足够长，请使用大小写字母以及混合使用的几个符号的组合，以达到良好的效果。 谨慎地定期更改您的密码，并为您拥有的每个设备使用不同的密码。

两步认证 (Two Step Authentication)

Sometimes just using strong password wont make your website safe from hackers. You should use two step authentication like Google Authenticator to increase website security. I am also using the same on this blog. I have to enter the random code generated in my phone along with the password to login to admin panel.

有时仅使用强密码就不会使您的网站免受黑客攻击。 您应该使用Google身份验证器之类的两步身份验证来提高网站安全性。 我也在此博客上使用了相同的内容。 我必须输入手机中生成的随机代码以及密码才能登录到管理面板。

服务器端验证 (Server Side Validation)

Use server side validation along with the validation at client side. The attacker may insert some malicious code that will corrupt the database. SQL injection is one of the most common attack.

使用服务器端验证以及客户端验证。 攻击者可能会插入一些恶意代码，这将破坏数据库。 SQL注入是最常见的攻击之一。

保持更新 (Stay Updated)

Since malicious software is constantly crawling through the web searching for weaknesses to exploit, it’s important to always keep your antivirus software up to date. Ensure that your computer or device is running the latest version of your antivirus software as these updates will often have countermeasures to protect against the latest iteration of malware currently out there. By postponing your security updates you’re actively increasing your chances of having your website compromised.

由于恶意软件不断在网上爬行，以寻找要利用的弱点，因此务必始终使防病毒软件保持最新。 确保您的计算机或设备正在运行最新版本的防病毒软件，因为这些更新通常会采取对策来防止当前存在的最新版本的恶意软件。 通过推迟安全更新，您正在积极增加遭受网站破坏的机会。

Make sure you follow above important website security tips to keep your site away from hackers.

确保您遵循上述重要的网站安全提示，以使您的网站远离黑客。

翻译自: https://www.thecrazyprogrammer.com/2017/08/website-security.html