Protect your website

From TCU Wiki

A threat faced by many NGOs, independent media and bloggers is having their voices muted because their website is down or has been defaced. This is a frustrating problem and can have a lot of causes like inadequate website maintenance, unreliable hosting, script-kiddies messing with a website, a 'denial of service' attack or a website takeover.

It is important to know that there are many reasons why your website can go down. It can range from technical problems at the company that hosts the website to a Content Management System (CMS) like Joomla or WordPress that hasn't been updated. Finding the problem and possible solutions to your website's problem can be cumbersome. It is good practice to contact your webmaster and the website hosting provider after diagnosing these common problems below. If none of these options are available to you, seek help from an organization you trust.

Source: https://digitalfirstaid.org/topics/website-not-working/

Threats to your website

Denial of service (DDoS) attacks - These attacks — undertaken by infected ‘bots’ — are intended to disable the targeted website and prevent access for legitimate users.

Mitigation strategies

Deflect is a robust and innovative website protection service designed to withstand distributed denial of service (DDoS) attacks. Deflect offers secure hosting, encrypted connections, advanced mitigation options and much more. Its a free service for qualifying organizations. https://equalit.ie/portfolio/deflect/

Organizations that can help

When choosing an organization to host and/or provide technical support for your website, these are some questions you will want to consider:

  • How is the company/organization structured and sustained? What types of vetting or reporting are they required to do, if any?
  • Consider what country/countries they have a legal presence in and which law enforcement and other legal requests they would be required to comply with.
  • What logs are created, and for how long are they available?
  • Are there restrictions regarding the type of content the service will host/proxy, and could they have an impact on your site?
  • Are there restrictions on the countries where they can provide service?
  • Do they accept a form of payment you can use? Can you afford their service?
  • Secure communications - you should be able to log in securely and communicate with the service provider privately.
  • Is there an option for two-factor authentication, to improve the security of administrator access? This or related secure access policies can help reduce the threat of other forms of attacks against your website.
  • What type of ongoing support will you have access to? Is there an additional cost for support, and/or will you receive sufficient support if you are using a "free" tier?
  • Can you "test-drive" your website before you move over via a staging site?
Retrieved from "https://wiki.digitalrights.community/index.php?title=Protect_your_website&oldid=49368"