Listing your site for sale on Flippa? Before you do, make sure your site and account security is bulletproof.
As much as the Internet is an amazing place full of tremendous opportunity, there are also a handful of folk making life less ideal for the rest of us.
This month saw these charlatans score a few wins unfortunately — firstly with the ongoing phishing attempts to steal domain passwords, and then the appearance of the TimThumb exploit that impacted so many WordPress sites.
As unpleasant as these events may be, they also serve as a handy reminder about having the basics of security covered when running (or selling!) a website.
After all, no one wants to buy a hacked site — or one that comes complete with security holes.
Recently, a number of sellers were victims of a phishing attack that saw their email accounts and websites compromised. If your password security is lax, you’re leaving yourself — and your websites — open to malicious activity.
Of course, site owners have to manage a range of security issues, and potential buyers are as concerned by sites’ likely security issues as are their current owners.
Let’s look at some of the main security issues you need to manage as a site owner or seller on Flippa.
Assess these security concerns before listing a site for sale
If your email password security isn’t sound, anyone who hacks into your email account can also gain access to any site or service accounts that are registered with that email address.
Using a unique, complex password on your email account is essential. And being astute when you’re online — for example, being cautious about potential scams, wary of unsolicited email, and careful when you’re entering your password in public spaces — is also crucial.
It’s also important to avoid using email to share passwords or access details with buyers. If you must send login details this way, make sure the details are specific to the buyers’ account — not yours — and have the buyer change the password immediately upon log in.
Site hosting and services
Of course it’s critical that your hosting login details are unique and secure. But also keep in mind that the services you attach to your site can expose your online property to malicious activity.
The recent vulnerability in TimThumb, a third-party plugin for WordPress, affected a number of sites listed on Flippa.
Site owners using networked systems like these have to balance their need to use the latest, handiest services and plugins against the potential for these open source tools to introduce vulnerabilities into their sites.
In any case, if you’re using third-party platforms and services on your blog, keep an eye on their support or development forums for alerts about service vulnerabilities and potential issues. Technology news sites are also good sources of this kind of information.
Your Flippa account
To reset your password, sign into Flippa, and select Settings from the Your Account menu. Click on Change Password to enter your new, more secure password.
Of course, if you forget your password, you can request a new password to be sent to your email account instantly, using the Password Reset link on the Login page.
Flippa chief, Dave Slutzkin, found this interesting take by webcomic xkcd about secure passwords (wikipedia has descriptions about bits, entropy and hashes if you’re like me and didn’t know what they meant!):
Has your site’s security ever been compromised? Do you have any tried and true passwords? Share your tips and advice below.
Image: Scott Schiller