On August 3, 2012, the Wired journalist Matt Honan sadly had his entire digital life, including his email and social media accounts, ripped apart by criminal hackers. It could have been avoided had he been doing two things.
First, using two-factor authentication to login to his accounts, which is when you get sent a code on your phone to login, in addition to your normal password. If you don't have your phone, you can't login but neither can anyone else. Second, by using harder passwords more than at least 16 characters long.
Set Up Two-Factor Authentication on My HostJane
At HostJane we have two-factor authentication available in My HostJane (User > Manage Account > Authentication), protecting your website and billing data, and all support tickets.
Additionally, we also enable 2-factor in our PlainSpeed hosting through your cPanel backend. We encourage you to download Google Authenticator and enable 2-factor which is a quick and cheap step to securing your logins.
Use Strong Passwords
HostJane's password generator lets you generate hard, military-level passwords that even sophisticated hackers will not be able to break and no one will be able to guess.
When using the internet, you can do a few other things to protect your hosting account to ensure you are not easily made into a victim of online hacking:
wpconfig.phpto ensure new versions install automatically. Use a child theme so you can continue to update to the latest version of WordPress on your site without messing up your site's development progress in every update.
Set up Server Login Notifications by Email
If you're HostJane server allows root access (all our servers are run on Ubuntu except for cPanel/WHM which use CentOS or unless otherwise specified), you can enable SSH Login notifications from your Ubuntu server, so that anytime someone logs into the server you'll be sent an email for security.
Using the nano command-line text editor, type:
sudo if you are using another user you have given root privileges
Scroll to the bottom of the file and enter the following:
IP="$(echo $SSH_CONNECTION | cut -d " " -f 1)" HOSTNAME=$(hostname) NOW=$(date +"%e %b %Y, %a %r") echo 'Someone from '$IP' logged into '$HOSTNAME' on '$NOW'.' | mail -s 'SSH Login Notification' YOU@YOUREMAIL.COM
You will need to replace
YOU@YOUREMAIL.COM with the email address you wish the server to contact on logins.
Write the changes to the file by typing
ctrl + Othen press
Exit to the command line with
ctrl + x
You may need to install the
apt install mailutils
Follow the instructions at the
prompt to configure your service.
You will now be notified free by your server of all future logins.