Want to know how much website downtime costs, and the impact it can have on your business?
Find out everything you need to know in our new uptime monitoring whitepaper 2021
Website hacking has become a common occurrence. Within the past few months, hackers have penetrated websites of businesses and agencies as disparate as the Venezuelan army, the UK National Lottery, the Hungarian Human Rights Foundation, KFC, and Tesco Bank.
If you run an e-commerce site, you run the risk of hackers trying to steal your customer’s personal data to commit identity theft. You may think you’re not at risk because your site does not contain any sensitive data, but that is not a good assumption. Hackers are increasing breaching sites to get access to servers they can use to send spam or attract visitors to buy their products. For example, if you search Google for the phrase “buy meds online,” the top-ranked result is a link to a London-based specialty book publisher. It’s unlikely the company is selling pharmaceuticals, but it is almost certain that hackers have compromised the site.
While there are no measures that can provide 100% protection against hackers, you can take steps to discourage them and send them looking elsewhere for a target.
Keep your software and systems updated
It is essential that all software you use on your site is current. Outdated software is one of the easiest ways hackers can use to gain access to your site by using known flaws. If you have a dedicated server, also be sure you are using the latest version of its operating system.
If you use plug-ins from a third party, be sure you apply any updates or security patches as soon as they are available. Before you install any new plug-ins, do your research to ensure they are trustworthy. Promptly remove any outdated plug-ins from your server when you no longer use them.
Use strong passwords
Hackers often try to gain access to the administrative areas of a website by trying to guess various combinations of usernames and passwords – don’t make it easy for them. Always use a combination of lower and uppercase letters, numbers and special characters when you create passwords and be sure to change them frequently. As ridiculous as it sounds, many individuals and companies still use passwords that are easy to guess, including 123456, qwerty, abcdefg and password!
Do not use the same password for every administrative function, and change your passwords regularly. Always encrypt your passwords when you store them for further protection against hackers.
Limit file uploads
Use great care if you allow users to upload files to your site, as a hacker may use this function to upload an executable file to try to get access. Prevent users from direct access to any files they upload by storing them in a location separate from the root directory and changing the permissions associated with those files to prevent users from executing them.
Conduct penetration tests
There are both free and paid tools available that you can use to conduct penetration tests to simulate hacking attacks. Consider conducting penetration tests on a regular basis to see if your site has vulnerabilities that need correcting before potential hackers find them.
Slow page loading time can be a symptom of a hacked website, so consider using a website monitoring service to detect any performance degradation promptly. You can also use this type of service to alert you when content on a page unexpectedly changes.
StatusCake Team
Share this
More from StatusCake
When Code Becomes Cheap: The New Reliability Constraint in Software Engineering
4 min read How AI Is Shifting Software Engineering’s Primary Constraint For most of the history of software engineering, the primary constraint was production. Code was expensive, skilled engineers were scarce, and shipping features required concentrated human effort. Velocity was limited by how fast people could reason, implement, test, and deploy. That constraint shaped everything from team size,
James Barnes
March 25, 2026
Buy vs Build in the Age of AI (Part 3)
5 min read Autonomous Code, Trust Boundaries, and Why Governance Now Matters More Than Ever In Part 1, we looked at how AI has reduced the cost of building monitoring tools. Then in Part 2, we explored the operational and economic burden of owning them. Now we need to talk about something deeper. Because the real shift isn’t
James Barnes
March 18, 2026
Buy vs Build in the Age of AI (Part 2)
6 min read The Real Cost of Owning Monitoring Isn’t Code — It’s Everything Else In Part 1, we explored how AI has dramatically reduced the cost of building monitoring tooling. That much is clear. You can scaffold uptime checks quickly, generate alert logic in minutes, and set-up dashboards faster than most teams used to schedule the kickoff
James Barnes
March 11, 2026
Buy vs Build in the Age of AI (Part 1)
5 min read AI Has Made Building Monitoring Easy. It Hasn’t Made Owning It Any Easier. A few months ago, I spoke to an engineering manager who proudly told me they had rebuilt their monitoring stack over a long weekend. They’d used AI to scaffold synthetic checks. They’d generated alert logic with dynamic thresholds. They’d then wired everything
James Barnes
March 4, 2026
Alerting Is a Socio-Technical System
3 min read In the previous posts, we’ve looked at how alert noise emerges from design decisions, why notification lists fail to create accountability, and why alerts only work when they’re designed around a clear outcome. Taken together, these ideas point to a broader conclusion. That alerting is not just a technical system, it’s a socio-technical one. Alerting
James Barnes
February 25, 2026
Designing Alerts for Action
3 min read In the first two posts of this series, we explored how alert noise emerges from design decisions, and why notification lists fail to create accountability when responsibility is unclear. There’s a deeper issue underneath both of those problems. Many alerting systems are designed without being clear about the outcome they’re meant to produce. When teams
James Barnes
February 18, 2026