Showing posts with label Security. Show all posts

Saturday, 12 March 2016

How to save / protect my bank account from hackers?


If you use net banking or make other online transactions with your bank account, you should be very careful about hackers. Here are some tips to avoid hackers and their attacks.

Protection from your devices:
  • Protection should start with your personal computer, laptop, mobile phones, tablets and other handheld devices.
  • Keep your devices clean with antivirus software.
  • Protect your devices with strong passwords. Do not share the passwords with anyone.
  • Your operating system (OS) should always be kept updated.
  • Do not install unwanted or unauthorized software and apps on your mobile, computer or other devices. Some of them may be spyware, which lets a hacker easily take your details from your devices.
  • Use authorized biometric applications on your devices, such as fingerprint control, voice control, etc.
  • Always keep the firewall turned on on your system.
  • Keep the browser and banking application software updated.
  • Do not open or operate your banking software in public places or on public networks (free Wi-Fi).
  • Change your device passwords often, at least every two weeks.
  • Keep your devices away from children.
  • If you are going to sell or exchange devices such as a mobile or laptop, you should delete / format your confidential details on the devices.
  • Always delete the cookies and history in your browser.
Protect your Email: 
  • Do not share your email passwords with anyone.
  • Enable features like two-step verification. When you sign in, you will receive a PIN on your mobile. You need both the password and the PIN to log in.
  • Do not respond to spam mails.
  • Be aware of lottery frauds. Never respond to them. They will send something like this: "You won $10000000/-. Please give your details to credit the amount into your account. We need the following details...etc."
  • Give your email address only to authorized persons, companies and websites, because someone may take your email address and use it for unwanted purposes (they will sell your email ID to business promotion or marketing companies).
  • Be aware of your email settings such as Filtered and Blocked addresses, Forwarding and POP/IMAP. If someone hacks your password or email, they will first try to change your email settings to block your important incoming mails and forward them to their own email ID.
  • If you receive any mails from your bank with new offers, please contact your bank directly. Someone may send a mail like this to try to get your details. If you click the link, it will sometimes go to a fake site that looks exactly like your bank's site. So be alert and check that your bank URL is correct.
Protection from bank:
  • Check / watch your bank account transactions often.
  • Do not give your credit / debit card details to anyone.
  • When purchasing online, be sure the website is an authorized website like Amazon.
  • Do not enter your credit card details on every website.
  • Do not store your ATM PIN, card details or passwords on your mobile phones.
  • If any new offer comes from the bank, go to your bank and confirm it directly, or confirm by phone.
  • If your bank says to use a particular browser / app / software, then use that particular browser / app / software.
  • Stay in touch with your bank. Do not believe rumors, unwanted news or phone calls.
  • If someone calls you and says "I am the Manager from your bank, I need to confirm your details, so please give your PIN number, password etc.", do not respond to this person. Banks or managers will never call and ask like this.
  • Keep your digital signatures safe.
  • Please avoid online transactions at public browsing centers or on others' devices (such as your friend's device).

Saturday, 5 March 2016

How to secure WordPress websites?



No one likes their website being hacked by someone else. Securing a WordPress website is not an easy job. In this article we will see how to secure our WordPress website and what steps we need to take if our website is hacked.

What types of WordPress websites / activities will be hacked easily?
  1. If you have lots of vulnerabilities on your site, then your website has a 90 to 100% chance of being hacked.
  2. Poor passwords like your pet's name, phone numbers, or other easily guessed passwords (car number, lucky number)
  3. If you don't have HTTPS on your website URL.
  4. robots.txt file enabled on your site
  5. Uploading your files without scanning them with a virus scanner
  6. Sharing passwords with others without proper guidance
  7. Using the same password for a long time
  8. Installing FREE and unauthorized plugins and themes
  9. Forgetting to change passwords often.
  10. Forgetting to change passwords after development (cPanel, wp-admin)
  11. Forgetting to apply security patches to the theme, plugins and WordPress.
  12. Social engineering -> Someone will talk with you on social media or somewhere else and get your password from what you say.
  13. Poor web hosting, and not applying hosting security patches
  14. Showing your domain details. (On whois.com anyone can find domain details, so hide or secure them when registering the domain.)
  15. Bad encryption system for your database password
  16. Keeping WordPress files in the same folder. You can separate them into some other subfolder.
  17. Giving full access permissions to all files
  18. WP_DEBUG is left enabled after development
  19. Allowing spam comments on your posts and pages.
  20. Disabling firewall
  21. Accessing your WordPress admin on a FREE Wi-Fi network or some other poor network
  22. Giving the direct wp-admin link. You can set and use an alternate link instead of wp-admin.
  23. Themes and plugins which are developed without security in mind.
How to avoid and secure your WordPress website:
  1. Always host your files with good hosting companies.
  2. Keep one copy of your site files on your hard disk.
  3. Install the plugin "Wordfence Security". It helps to protect your WordPress site.
    Link: https://wordpress.org/plugins/wordfence/
  4. Limit access to wp-admin.
  5. Do not use untrusted plugins and themes.
  6. Use hard or complex passwords. Change them every month or two weeks.
  7. Keep your computer clean with a virus scanner. Scan whenever you need.
  8. Don't compromise on updating WordPress, themes and plugins.
  9. If you find any bugs, please report them here.
  10. Find your web server and network vulnerabilities, and try to resolve them as soon as possible.
  11. Use SFTP to send files.
  12. Give proper file permissions. Don't compromise on permissions.
  13. Change your default admin URL.
  14. Put your WordPress files in a separate folder.
  15. Disable file editing with the following code.
    define('DISALLOW_FILE_EDIT', true);
  16. Use a good firewall plugin like iThemes Security, All in One WP Security, Wordfence or Shield.
  17. Do not allow any unauthorized access to your cPanel, FTP, wp-admin or database.
  18. Do not access your cPanel/admin from different computers, public places or browsing centers.
  19. Disable debug code in wp-config (set it to false).
  20. Monitor your website through security plugins.
  21. Learn about social engineering; it helps you understand how they get passwords from you.
  22. Take care with your PHP and WordPress versions. If there are any updates or conflicts, handle them properly.
  23. Learn something about hackers, intruders and crackers.
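
An added example, not part of the original post: a small shell check for items 12, 15 and 19 above (file permissions, DISALLOW_FILE_EDIT, debug disabled). The function names are hypothetical and the two sample directories are constructed for the demonstration; point audit_wp at your own WordPress folder to check a real site.

```bash
#!/usr/bin/env bash
# Added example: audits a WordPress tree for three items from the list above.

# Print the value of a define() constant in wp-config.php, or "unset".
# The pattern is anchored, so commented-out define() lines are ignored.
# Only bare values such as true/false are recognised.
wp_define_value() {
  local v
  v=$(sed -nE "s/^[[:space:]]*define\([[:space:]]*['\"]$2['\"][[:space:]]*,[[:space:]]*([A-Za-z0-9_]+)[[:space:]]*\).*/\1/p" "$1" | tail -n 1)
  printf '%s\n' "${v:-unset}" | tr 'A-Z' 'a-z'
}

# Print one FINDING line per problem under the given WordPress root.
audit_wp() {
  local root="$1" cfg="$1/wp-config.php" v n
  [ -f "$cfg" ] || { echo "FINDING: no wp-config.php under $root"; return 0; }
  v=$(wp_define_value "$cfg" DISALLOW_FILE_EDIT)        # item 15
  [ "$v" = true ] || echo "FINDING: DISALLOW_FILE_EDIT is $v, expected true"
  v=$(wp_define_value "$cfg" WP_DEBUG)                  # item 19
  [ "$v" != true ] || echo "FINDING: WP_DEBUG is still enabled"
  n=$(find "$root" ! -type l -perm -0002 | wc -l | tr -d ' ')   # item 12
  [ "$n" -eq 0 ] || echo "FINDING: $n world-writable files or directories"
  return 0
}

# Build a constructed sample tree (not a real site): "weak" or "hardened".
make_sample() {
  local d; d=$(mktemp -d)
  if [ "$1" = weak ]; then
    printf '%s\n' "<?php" "define('WP_DEBUG', true);" \
      "// define('DISALLOW_FILE_EDIT', true);" > "$d/wp-config.php"
    mkdir "$d/uploads" && chmod 777 "$d/uploads"
  else
    printf '%s\n' "<?php" "define('WP_DEBUG', false);" \
      "define('DISALLOW_FILE_EDIT', true);" > "$d/wp-config.php"
  fi
  chmod 640 "$d/wp-config.php"
  echo "$d"
}

for kind in weak hardened; do
  d=$(make_sample "$kind"); echo "== $kind sample =="
  audit_wp "$d"; rm -rf "$d"
done
```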