Preventing Attacks

You don't need a new website. You need to make your current website more effective! How can you do that? There is no single answer -- websites are part of a larger system, and you need to consider many different aspects to make your site effective. We've been making websites since the start of the web, and know what makes them work -- as well as not work. Take what we have learned to make your site better!
🕑Aug 28, 2013 🖋John Locke 💬0

Keeping up with the Changes

There's a few problems with setting up shop on the web. All of your competitors are right next door. You're in the worst neighborhood, with crooks inventing new tools to break in every day. That parking lot you just built now has to accommodate scooters and semi trucks.

sustainable business icon
Sustainable/Open Business
🕑Sep 01, 2011 🖋John Locke 💬11

Why auto updates are a very bad idea

A question came across the Drupal Developer's list today asking whether Drupal could auto-update itself, like WordPress. As someone who thinks about security a lot, the very thought of this horrifies me.

It's a bad idea for several reasons, but the biggest reason:

ask freelock icon
Ask Freelock
🕑Aug 26, 2011 🖋John Locke 💬0

My site needs to be secure. How will you address this?

That's the essence of a question I got today. And it's not one that can be answered easily, because there's no such thing as a site being "secure." It's not an either/or question, it's really a "how much" type of question. How hot is it today?

🕑Jul 27, 2011 🖋John Locke 💬0

A question of risk

July 2011

How would losing your web site affect your business?
That might seem like a silly question, but a surprising number of small organizations don't think it can happen to them. Think again -- web sites get lost all the time, through a variety of means. The server hosting your site might have a hardware failure. Your site might get hacked. Your web developer might accidentally delete something critical. Your host might go out of business, leaving you stranded. If you're in the tech world, you hear about these incidents all the time.

Limit the damage

No matter how diligent you are at preventing vulnerabilities and securing your environment, it's impossible to be completely secure on the Internet. What you can do is plan for how to limit the damage that people can do when they manage to compromise some part of your system. This line of thinking is called "Defense in depth" -- you can't just apply security updates and call it good.

Read More

Security Updates

Backups are the safety net and an absolute requirement. But the next most important part is doing what you can to stay out of trouble. We've all become accustomed to security updates on our computers. Today every operating system has an update system, and a huge number of attacks are on vulnerabilities that have fixes released but people have neglected to apply.

Read More

A question of risk

How would losing your web site affect your business?
That might seem like a silly question, but a surprising number of small organizations don't think it can happen to them. Think again -- web sites get lost all the time, through a variety of means. The server hosting your site might have a hardware failure. Your site might get hacked. Your web developer might accidentally delete something critical. Your host might go out of business, leaving you stranded. If you're in the tech world, you hear about these incidents all the time.

Read More
Subscribe to Preventing Attacks