Security Question Issues

The issue with Security Questions A lot of online enterprises these days use security questions as a safety net in the event you get locked out of your account. You can answer the security questions to recover access to the account and update your password. Sound familiar? Most people see these as a blessing to make sure they always have access to their accounts because they are not going to forget answers like “Who is your youngest sibling?” Or “What High School did you go to?”. Though a safety net to you, these security questions open your account up for any attacker that knows how to get the correct answers. There are… Read More

Continue Reading

Social Engineering

Social Engineering? What is that? The basic way to explain Social Engineering is when a person is able to do nothing more than ask you questions and get answers needed to gain access to your accounts. Without realizing it, you can give crucial information to an attacker while just talking to them. An example of a phone conversation, where social engineering happens, would be, “The Gas company” calls, and says there is an issue with the billing on your account, and they give you some simple verification information, the name of the local company, your name, and address,  maybe even the balance due, and start to request vital information, such as social… Read More

Continue Reading

How to force SSL with .htaccess

Making sure your site is using SSL is important. Below are some simple lines of code to add to nearly any site to get it to redirect. Rememeber that setting this redirect within your site, likely means that it is using php for the redirect. Adding a redirect in php can slow your site down, where as the apache or nginx redirect will be much faster.    You can force an HTTPS connection on sites that run on a server that uses Apache, by adding these rules to the top of the .htaccess file: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] If your server uses Nginx, add this to the top of the… Read More

Continue Reading

What is SSL? And why is it important

An SSL is an encryption method used for securely transferring data over a public network. When you visit a domain that is using https:// as the protocol in front of the domain name, it means you are using an SSL connection to the site. Any data you enter into the site will be transferred back to their server encrypted and secure. SSLs are a very important security feature that makes buying online a secure thing. Without some form of encryption in the transfer, credit card numbers, passwords, and other sensitive data would easily be obtained by attackers. When you browse to a site that you want to buy something from, … Read More

Continue Reading

What do I do if I think I am hacked?

Getting hacked is a nerve-wracking experience! The first thing to do is make sure to run a backup. Even though the site is hacked,  there may still be usable data to rebuild from. Make sure to save this backup locally, or off-server is possible. We have seen numerous instances where after some time the hacker will just delete all of the data. The next step is to get in contact your point of contact for site issues, usually either your host Or developer. If you are the developer, and your host does not provide support, unfortunately, you would usually be alone in the instances, and it would be up to… Read More

Continue Reading