Question: How do I keep my hosting account from being hacked?
1. More than anything else, it is important to keep your passwords secret and unique. No one else should have your password, not even your web host. If someone emails you pretending to be your web host or other authority and asks you for your password, do NOT believe it. Contact your web hosting company and let them know about the email. Also, make your password difficult to guess. Try to use a mixture of letters and numbers rather than a real word.
2. Always keep your personal computer clean from viruses and perform all of your security updates. Chances are, if you are infected with malware or a botnet, it will seek out the computers you connect to first, starting with your server.
3. Always keep third-party scripts and software up to date. This is crucial. You could have taken all other precautions, but if your shopping cart or forum has an unpatched security hole, you are in for a hurting — something that could affect your entire server and be grounds for account suspension.
4. Make sure that none of your files have world-writable permissions. In Linux, this means 777. In a file manager or FTP program, it might look like “-rwxrwxrwx”. Files should be either 755 (only for executable files, when a script requires it) or 644 (writeable only to you and read-only to everyone else). Those will look like “-rwxr-xr-x” and “-rw-r–r–“.