Steps to Secure Any Website How to proactively protect your ecommerce website Securing Your Website Although at Clarity we recommend DNN, there are security steps you can take for any website. These security recommendations range from simple to complex and cover many different aspects of potential security risks. No guide can accurately assess your specific security needs. If you would like to adequately secure your DNN website, contact Clarity today. Keep Up On Security Patches and Service Packs Windows authentication is much more secure than SQL authentication. When installing DNN both are enabled by default in ‘Mixed Mode’. You may turn off SQL authentication and run purely with Windows authentication. This paired with the next step, “Active directory Authentication,” brings your DNN instance under the security umbrella of your Windows Domain security, further reducing the chances of an outside attack. With this security step, your DNN implementation is only as secure as your Domain Active directory settings. Consider reevaluating your Windows Domain security requirements. Run Anti-Virus And Anti-Malware Software Scans In addition to the former Windows authentication for your DNN database, Windows Domain Security based in Active directory can be linked with your DNN instance logins and require Active directory authentication prior to accessing your DNN controls. This is the second step in bringing your DNN instance under the security umbrella of your Windows Domain security, further reducing the chances of an outside attack and providing more control over user permissions. Use a Firewall to Block All Ports Except 3389, 80, and 443 It’s recommended that if possible, you configure your email server to not support anonymous authentication. Log into host-host settings, and select basic or NTLM authentication, and provide any necessary username and password (or use the SMTPAuthentication , SMTPUsername and SMTPPassword template values). If using anonymous, it is recommended that you configure your mail server so it only accepts emails from non-routable IP ranges (i.e 127.0.0.1/10.0.0.*/192.168.1.*) and the IP address you’ve configured your web server as. Clarity Can Help Security is a serious matter, and is not something that can be fully accomplished with generic steps. Clarity Ventures is a DNN Gold Partner and can help with any DNN requirements you may have. From the creation of an entirely new website and modules, to an audit of your current website. Call Clarity today for a free quote.