Sometimes the obvious is anything but.

You’re busy. It’s easy to slack off and let hackers have their way with the shared or dedicated host your website is living on. Maybe it’s a company site. Maybe you or your users have blogs on serious but now all too easy-to-use CMS systems you wish you didn’t have to think about. Or maybe, like so many IT folks, you’re a CTO by day and an unofficial IT guy for friends and family on the off hours.

Any way you slice it, you’ve still got to worry about website security. It’s not fun and it’s not sexy. But do what you’ve got to do. Hackers and other miscreants compromise websites all the time — and you don’t have to be a Citibank or the FBI to be a likely target.

Hackers know how lax most website owners are, says Mat Lee, a tech pro in Kalispell, MT. “Far too many site owners bother with regular CMS updates, password changes and regular software updates and patches,” he says. “It is critical you keep your site up-to-date,” he says.

Adds Jeremy Lesniak, founder and CTO of Vermont Computing in Randolph, VT, “Never put that off. Especially if you’re on a dedicated host, where you’re responsible for everything from OS updates to kernel patches.” If you’re lazy about this, you’re better off switching to a shared host, where at least you’ll get some tech support.

Avoid spam, phishing, redirects and malware — and don’t give hackers the opportunity to fool your URL filtering system or steal precious bandwidth. Attacks on small to medium-size sites are on the rise.

“Scan your systems regularly, use strong and long passwords and remove any plug-in you don’t use,” adds Lesniak. Check out the graphic below for some insight on how and why sites are under attack — and make sure you know what to about it. (Graphic courtesy: Commtouch)