Website Security FTP Passwords
I have several hosting accounts across different providers(can’t afford dedicated servers yet). The good thing about having a standard hosting/reseller account is the security is handled by the hosting company.
This doesn’t mean that your totally safe, One of the most basic security errors we can make is with ftp Passwords.
The temptation is to have a master ftp account which has access to all domains and as such can make alterations to any pages within that hosting account.
This is the easiest option, but not the safest.
When creating an ftp account you should have the option of restricting an ftp account to a folder on your hosting. I would do this for each of your domains, create a different Username/password combination for each domain and restrict them to that folder.
In the event that someone does manage to get into your ftp then they can only access that one folder limiting the damage and the repair work you will have to do.
It’s saved me a lot of trouble when one of my ftp accounts was accessed.
I would also do similar with Databases create a new user for each database rather than a master account to control them all.
And last but not least, your paying a lot of money to yout hosting company, if you have any problems, get in touch make them work for their money.
