While website hacker attacks are becomming more and more common nowadays. Securing your website have become a mandatory task not all small website owners are aware of.
Several weeks ago, the nameservers of a small hosting provider I know were being hacked and changed to point to a hacker's site. As a result, all sites hosted by that hosting provider suddenly went off the air. Whenever the sites went up, hackers put them down again in a few hours. Can it happen to you also?
CMS websites require contstant upgrade to keep them secure. But it's not always possible to do so. Upgrade your Drupal or Wordpress site to a newer version will give you some security upgrades, but some things may break. Make big upgrades, and your site will surely break. Some plugins or modules were not upgraded, some need manual upgrade. And CMS is only part of the stack - the hosting provider and the domain registrar should also be secure. Part of the security is on the hosting provider level.
So what to do?
The secret is having security systems which are external to the site. A rising service is cloudflare.com (free on the basic level). Not only it provides you with external nameservers (essential if your small web hosting provider is being hacked) but also with CDN, anti-hacker firewall, and blazing performance improvements. It will also decease spam. Even one of the features is enough to pay for, but getting everything for fre is a terrific deal (You will pay if you need SSL).
After moving your nameservers to Cloudflare, a second security improvement you can do is to point the cloudflare IP to Incapsula, which will provide a second layer of anti-hacker security which is even better.
Your hosting provider won't tell you (because moving your nameservers to cloudflare will make it much easier for you to move to another hosting provider). Your website builder will also have an interest to keep it secret, and use his own nameservers . But this is the right architecture! Don't say we didn't tell you.