How to protect Tibet rev 21 April 2014 to dir

Keep the bad guys out
You don't have to be a techie wizard
All you have to do is:
Close the doors!

Close the door to your computer

Keep your OS and your programs updated, always.
Most updates are security updates.
MS Windows – an open door
Anti-virus program – always active, always updated more info is here
Scan your computer daily.
Scan any thumb drive, downloaded files, cd, everything! every time! more info is here
Ubuntu, Fedora, GNU/Linux, Ubuntu, MacOSX – pretty well protected
You don't have to worry so much about yourself — but you still have to protect your friends.
Scan any thumb drive, downloaded files, cd, everything! every time! more info is here

Close the door online — working or playing

Secure connection:
Use 'https', not 'http' For Twitter, Facebook, Gmail -- anything that will take it!)
this way: https://facebook.com/ more about https
Use a VPN if you can!
yes it costs a little money - about US$50/year. I bet that's less than you spend a year on coffees and movies — even in India?
more about VPNs
Your email:
Use a secure email - Gmail with two-step authentication more མང་བ་
Don't click on links in email copy and paste the link, to be sure you know where it is taking you
Don't view in "html format" can bring you bad javascript and cookies
Disable images can bring you bad javascript, cookies, and malware
more about email security
Your wifi router:
The wifi password: it should be as strong as all your other passwords
The router admin password: it should be as strong as all your other passwords
Other router settings:
These settings are on different screens in different routers -- check the documentation or click around.
If you have no idea how to do these settings that's ok! Just make sure that whoever does them for you, does these things:
Don't allow router admin access through wifi — only through wire connection.
security type: WPA2-personal
encryption type: TKIP or AES

Close the door while making the web

File transfer:
Use SFTP (or WinSCP), not plain FTP, so your connection is encrypted (hidden).
ftp passwords need to be as strong as all other passwords
cPanel:
Go to your cPanel like this: yourdomain.org/securecpanel
Then it will always be using https, not http,
and the connection will be encrypted (hidden).
The cpanel password needs to be as strong as all other passwords
Accounts
Don't give the cPanel account to anyone.
It is not a regular ftp account — it controls everything about your website!
Don't give the same ftp account info to many people
Make a new account for each person who will upload files to the site.
Don't let old accounts lie around
When someone stops working on the site:
Delete the account.
or, if you are going to hand on the account to someone else:
Change the password.
Enable shell if you can! (even if you don't use the shell — even if you don't know what it is)
If you have a shell account, then you can also use SFTP (secure FTP) and your connection (and passsword!) is encrypted when you are uploading files to your site.
This can always be very helpful to your techie, if you are having some problem.
Website files and programs
Keep any php, javascripts, etc., secure and updated, always.
only files that belong to the website should be in the Document Root (public_html) Any backups, content sources, notes, other non-web files, should be downloaded and deleted — at the least, they should be moved up to the home directory.
WordPress (or any CMS or web program)
Keep your WordPress and plugins updated, always.
Most updates are security updates.
Don't give the WordPress admin account to anyone.
Make separate admin accounts for each admin.
(You shouldn't have more than one admin. You could have one in training. Jet plane has only one pilot!)
Don't let more than one person use a WordPress account.
Make a separate account for each editor/author.

Close the door everywhere!

Passwords:
Good strong ones!
How?
10 or 12 characters.
Letters, numbers, and punctuation. Nothing repeating.
Like this:   Ke28u;9sR!ah
more མང་བ་
Information:
Sending private information – Do not send passwords or other important information by email.
Saving passwords – Do not save passwords or other important information in your mailbox.
I'm sorry, but your email is not private.

Too much trouble to do all these things?

How much trouble is it to clean up a hacked website?
How much trouble is it for the Tibetans in prison inside Tibet, because information came about them through viruses on your hacked website? :(

Close the doors ...

if you don't do these things, there isn't any "hacking" required by anyone.
You left the door open for them all by yourself.

Want to do more to protect Tibet? Learn more here: