08
Feb
Administrators of websites, and especially online stores, should regularly evaluate possible data exposure on their sites. Any time sensitive data is found by an administrator, passwords should be rotated for not only users but databases as well. Enabling two-factor authentication (2FA) can help mitigate any exposure of administrator login information. Analyzing logs for the web-server software in use can reveal unusually high activity from individual IP addresses. Rate limiting based on IP addresses and using security software like Fail2ban can help slow down attackers attempting to find exposed data.
https://www.bleepingcomputer.com/news/security/over-12-percent-of-analyzed-online-stores-expose-private-data-backups/
