Is it possible to 100% stop web hacking

We keep getting hacked and our web guy is doing everything he knows possible to stop it.  Our communications Director thinks she can fix the problem by switching to another provider.  I have no security knowledge, but from what I do know, it is not possible to 100% insure your site is hack free.

I'd like some EE opinions
J.R. SitmanIT DirectorAsked:
Who is Participating?
 
marine7275Connect With a Mentor Commented:
LOL. the only 100% way not to get hacked is not be connected to the internet. I would suggest getting a security company like Fishnet involved to assist you way and how you keep getting hacked and they can help you lower your risk and manage your site more effectively.
0
 
Scott Fell, EE MVEConnect With a Mentor Developer & EE ModeratorCommented:
You can never 100% stop.  But there are things you can do to protect yourself.  Many of the hacks have to do with common holes.  

For instance word press  or any open source cms, the bad guys already  know where to look.  There was a major issue with wordpress and plesk and plesk got a patch out right away.   Also watch for any plug ins you are using.  Those can be sources of security holes.

Make sure any cms software is up to date.  Make sure any control panel software is up to date (plesk cpanel).  Make sure if you are accepting user input you are scrubbing input.

You would need to give more info for your specific situation.   But more then likely your hack attacks are something easy.
0
 
Richard DavisConnect With a Mentor Senior Web DeveloperCommented:
Your web guy likely needs to beef up his knowledge about web servers and security best practices.

marine7275 answered your question best with the seemingly sarcastic, albeit true statement about not being connected to the internet.

Large corporations around the world get hacked everyday and spend countless hundreds of thousands of dollars trying to keep their systems secure. There is no real way to prevent a determined hacker though. Much like locks on your doors, they're only meant to keep the "honest" people out.

My general consensus on on computer/server security has always been that if it talks in 1s & 0s, it can be hacked. Your web guy would be best served to read up on lock down procedures and security best practices.
0
 
Scott Fell, EE MVEConnect With a Mentor Developer & EE ModeratorCommented:
When you say switch to another provider?   Your security hole is not going to change by simply moving from one host to another.
0
 
J.R. SitmanIT DirectorAuthor Commented:
Thanks for confirming what I thought.  Also @padas, very good point.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.