Pinterest Stumbleupon Whatsapp
Ads by Google

secure web hostingStarting your own website or blog is not necessarily a complicated or difficult process. These days, registering a domain and hosting a site is fast, easy and relatively inexpensive. For a new website or blog, you can be up and running in a matter of a couple of days, assuming you’ve already designed and written your website.

For a new website, that’s great. You might have a few visitors trickling in at first. Maybe you went for the economical approach and opted for the cheapest hosting plan you could find. During those early days, you can withstand an occasional hour or two of downtime when other users consume all of the bandwidth – no one will scream at you.


However, once your traffic starts taking off and you establish a certain level of readership and a regular following – you’ll find that people depend on you for regular content. They depend on your uptime. You’ll also find that you’re more likely to get attacked by hackers looking to either sabotage your site or, even worse, hijack your domain – you need secure web hosting and to protect your domain.

If you haven’t seen Aibek’s interview on Foundora, check it out. He describes how the MUO domain was once hijacked and held hostage for $2000. Seriously. So here at MUO, we are now really big into security. You can check out Saikat’s list of browser security checks 7 Browser Security Tests to Try Out and Prevent Exploit Attacks 7 Browser Security Tests to Try Out and Prevent Exploit Attacks Read More or Damien’s list of WordPress security 18 Wordpress Security Plugins & Tips To Secure Your Blog 18 Wordpress Security Plugins & Tips To Secure Your Blog Read More plugins. However, what I want to touch on a bit today is your domain and hosting security.

Protecting Your Domain

At first, that domain name that you’ve registered seems ridiculously cheap considering that it represents what should eventually become your brand. The domain name is how people are going to learn about you, link to you, and recognize you. In time, it will represent everything that your website stands for. It’s going to serve on the front lines of your SEO battles. As your site grows, your domain name becomes the single most critical element of your business.

secure web hosting

Ads by Google

Private domain registration is your first wall of defense against domain hijacking. The problem with the early days of domain registration is that you had your private contact information tied to the Whois record – meaning anyone that searched for the registration records of your URL could identify where you lived, your phone number and your email address. With your email address, hackers may start to send phishing emails with the hopes that you’re gullible enough to bite.

private domain registration

By now, you should know better than to click on such emails. Never, ever log into your domain account from a link within an email. Always go directly to the registrar’s website and log into your domain account directly. Even though it might double the yearly cost of your domain, private domain registration will also cut down on telemarketers. Before I started using private domains, I had SEO companies constantly calling to ask whether I wanted to use their services for my website. Avoid the hassle – hide your identity with private registration.

Protecting Your Website

There are a number of areas within your hosting account that you’ll need to double check to verify that you have a secure web hosting account. The most important is obviously the password that you use to log into the hosting account itself. Go into the account settings and change your password.  Most hosts now feature a gauge that tells you how strong your password is.

private domain registration

Choose a password that has capital and lower case numbers, letters, and even a special character or two thrown in for good measure. Try to follow the guidelines below for the best security.

  • Never use the same password for your host account as you used for your domain registration.
  • Never use the same password for domain registration as you use for your email account.
  • Use a unique, strong password on all three systems – just make sure they are all different.

By avoiding the same password on different accounts, you significantly reduce the risk that if one account is ever hacked, the hacker will not have access to your other systems.

Another security concern to review on your site is folder permissions. Check folders within your public_html folder to ensure that they are either 755 or 644 for www readability. You should not find any folders that are set with 777 for permissions.

private domain registration

Also, take some time to review the security tools that your web host offers. Sometimes there are some pretty cool utilities that you can use to further lock down your hosting account and private directories or files from prying eyes. For example, I’ve discovered that my hosting account offers a useful password protection feature on any select web directory that I choose.

Finally, go into your admin panel for your MySQL databases and double check all of the passwords there too. They shouldn’t match any of your other passwords, and they should be ultra-strong passwords, just like all of your others.

secure web hosting

In the end, the ultimate security in protecting your domain from being hijacked comes from the private domain registration service. For a small additional fee, you’ll have tremendous peace of mind knowing that scammers, spammers and other criminals can’t see or even hope to access your personal information. Beyond that tool, make sure to lock down your hosting and email accounts as well, and you’ll enjoy years of trouble-free website ownership.

What other tips do you have for protecting your domain from hijackers or hackers? Has your domain ever been hijacked? Share your advice and experiences in the comments section below.

Image credit: IngerM

  1. Nat Jay
    November 25, 2010 at 5:29 am

    Talking abut domains, I feel it's best to register it for more than 1 year (ideally 2-3 years) so as to avoid accidental expiry. Given the different hats that a webmaster wears, it's easy to forget something simple as domain name renewal. There are people online who scout for "dropped domains" or expired domains, and if your domain name is valuable in terms of branding or traffic, it can be easily picked up and held hostage by others.

    • Aibek
      November 28, 2010 at 10:23 am

      I would also suggest setting up the domain to auto renew itself.

Leave a Reply

Your email address will not be published. Required fields are marked *