Managing the files and scripts on every site is tricky. Storing testing scripts, test sites, improper definitions in robots.txt and incorrect directory permission may create security vulnerability to your web site. For a good website management, must follow these rules:
BASIC RULES FOR Website Management
Never use your web space as a storage. Consider this as the first rule in website management. Always keep your website clean. Only keep files and scripts that are needed. Remember, if you keep any unnecessary script on your website it can be detected by some search engines and if it has a security vulnerability, it makes your whole website vulnerable.
- Never grant permission 777 to any directory. Permission 777 means global read/write.
- Block directory browsing in the cPanel. Also, add an empty index.html file in any directory that does not have any index file.
If you want to test your scripts, use htaccess tools to password protect the directory where you are storing your test scripts/site.
- If you don’t use a plugin or module in your WordPress, PrestaShop, Magento or any other CMS, or you have some deactivated plugins or modules, it is better to delete them.
- Every week, check for modules and plugin updates and install them. It is important to keep your CMS-based site updated.
- If your developer has made some changes in your plugins and modules in order to customize them for your need, ask your developer to install the update of that plugin and immediately apply the required changes in that plugin or module.