How to teach new business clients about computer safety - General

Home Network, PC, and MQL5 Code Security

Ryan L Johnson · 2025-07-29T22:33:22.4847661Z

Several forum users have reported hacking and malware intrusion into trading platforms and pc's, so the purpose of this thread is to give some guidance about security measures. No one knows everything, and I certainly never claimed to, so please post up any additional or superior security measures that you have. I'm merely starting things off: Good security starts with the portion of your network that you have control over, which is your home network. For purposes of your home network, incoming data starts at your router. Log into your router firmware and find the settings for managing wireless devices by MAC address. Enable filtering by MAC address. This is designed to only allow MAC addresses that you enter into the router firmware to connect. Every wireless device is assigned a Wi-Fi machine address by its manufacturer. On most wireless devices, go to Settings ==> About" ==> Device (or thereabout)., and then enter it into your router settings accordingly. This includes any wireless pc's, laptops, phones, printers, smart TV's, etc. that you want to continue using with Wi-Fi. If a trusted visitor wants to use your Wi-Fi but won't disclose their MAC address, just say "Sorry. No can do." Hardwire your trading pc('s) directly to your router with an Ethernet cable. For additional layers of protection, including protection from interference, use shielded Ethernet cable and install a physical emergency Ethernet kill switch between you your trading pc('s) and your router. Such switches are generally wall mountable. Obviously, the switch must be easily accessible. If your pc notifies of an unauthorized download or connection starting, slap that switch open as fast as you can. Be sure to have your back-up trading device at the ready to temporarily monitor any open positions. Install Windows on your pc('s) using a security key (not using online sign-in). Create a unique login ID and password for each pc. Do not reuse your login credentials on multiple pc's. Make sure that at least Windows Defender is running and is properly configured for all apps that need access through the firewall. Microsoft Security is superior for real time protection on Windows pc's. If you're using Windows 7 or Windows 10 and Microsoft Security is no longer supported, make sure that any third-party real time protection apps don't interfere with Windows Defender. Keep all security apps updated. Turn off automatic pc connections and file sharing on all devices. When you want to connect to another pc on your home network, you can right click the lower left Windows icon in your desktop taskbar, click Run, enter two backslashes followed by the computer name (ex: \\my_laptop), and click OK--or you can go to your File Explorer, click on Network in the left frame, and click on the computer name. Either way, you'll get a pop-up window that asks you for the target computer's login credentials. Enter them and click OK, and the two pc's will connect. When you want to disconnect, do a taskbar search for Command Prompt. Make sure that you either are an Administrator or that you open as Administrator. In Command Prompt, type: net use * /del, and press Enter. Then confirm by typing Y and press Enter. This will forcibly disconnect all other network devices from your pc. Regarding MT5, set up and enable two factor authentication for your trading account(s), Your broker-dealer must support this. Not all broker-dealers do. Regarding MQL5 code, any executable file that can be run can generally be memory dumped. This hacking process is laborious and time consuming, but it is possible. Hackers use their own software to mimic the Tester's debug mode for memory dumping. Therefore, one solution is to disable backtesting in your source code. Indicators are much more difficult to dump, so you could also put much of your EA code into an indicator which is called by the EA (personally, I would not rely on this alone). Be sure to use mql5.com Cloud Protection when compiling source code. This adds an additional layer of encryption to the standard compiler encryption. Again, encryption does not affect memory dumping.

Michael Charles Schefe 2025.06.09 05:40 #11

While I am against using systems older than Windows 10, myself, I do have clients that have been using Windows XP and its good oldie, mail service, up until only few months ago. The only reason that they finally upgraded was because windows mail, and i dont think that was its name was it?, no longer loaded half of the html email any longer. They have never been hacked as far as they or I know, and i was always impressed even more, each time that I went over to their place to clean the system and the dust out of the box. The main reason that they werent hacked is purely due to the "tactics" we are discussing above; and it was rarely left connected to the www for longer than 1 hour when not being actually used by the client or myself; even tho the client did use it almost daily.

Security System - For How to Subscribe to Extended Authentication - Accounts

Ryan L Johnson 2025.06.09 13:38 #12

Michael Charles Schefe #:
The only reason that they finally upgraded was because windows mail, and i dont think that was its name was it?

It was either Windows Mail or Windows Live Mail. I want to say that Windows Mail was in Windows 98, and Windows Live Mail was in Windows XP, but don't quote me on that. We are going a ways back here.

Michael Charles Schefe #:
The main reason that they werent hacked is purely due to the "tactics" we are discussing above; and it was rarely left connected to the www for longer than 1 hour when not being actually used by the client or myself; even tho the client did use it almost daily.

I have to agree. Online habits are a big factor in safety. Online gaming, which requires heavy 2-way data transmission, is likely the biggest online risk.

Getting Started - MetaTrader Opening and Closing Positions Opening and Closing Positions

Michael Charles Schefe 2025.06.09 15:02 #13

Ryan L Johnson #:

It was either Windows Mail or Windows Live Mail. I want to say that Windows Mail was in Windows 98, and Windows Live Mail was in Windows XP, but don't quote me on that. We are going a ways back here.

I have to agree. Online habits are a big factor in safety. Online gaming, which requires heavy 2-way data transmission, is likely the biggest online risk.

yeah i will never understand why so many users leave their computers online overnight. That is the hardest thing to teach new business clients is to disable the internet when it is not required for work.

MetaTrader 5 for your Payments in MetaTrader 5 MQL5 Wizard: Development of

Ryan L Johnson 2025.06.09 15:25 #14

Michael Charles Schefe #:

yeah i will never understand why so many users leave their computers online overnight. That is the hardest thing to teach new business clients is to disable the internet when it is not required for work.

In my case, the reason is MFT swing trading in which profitable trades are held overnight (futures--no swaps). I guess that it depends on the type of business that one is engaged in.

Although a VPS could alleviate that, I'm a fan of good home networks and pc's instead of VPS's. To me, a VPS is an additional variable subject to Murphy's Law. I apply a similar principle to backups. It's my variation of the KISS principle--KILS (keep it local, stupid), if you will.

Fill Policy - Trading Fill Policy - Trading Trading Principles - Trade

Michael Charles Schefe 2025.06.09 19:28 #15

Ryan L Johnson #:

In my case, the reason is MFT swing trading in which profitable trades are held overnight (futures--no swaps). I guess that it depends on the type of business that one is engaged in.

Although a VPS could alleviate that, I'm a fan of good home networks and pc's instead of VPS's. To me, a VPS is an additional variable subject to Murphy's Law. I apply a similar principle to backups. It's my variation of the KISS principle--KILS (keep it local, stupid), if you will.

yeah, by users i was meaning non traders. obviously traders are more likely to require internet access overnight.

Ryan L Johnson 2025.06.11 18:13 #16

Windows 7 Microsoft Security Essentials still installs updates for Microsoft Malicious Software Removal Tool while Windows Defender is running. This is additional protection that operates alongside Windows Defender but it is not real time protection.

Ryan L Johnson 2025.07.04 18:27 #17

Important update regarding Windows 7 (actually, an anti-update)...

Windows Defender no longer runs in Windows 7 at all, and this is on top of MS Security Essentials (real time protection) and Windows patches having stopped updating years ago.

I now installed a free third-party scanning and real time protection application just to have literally anything for online threats if and when the machine is online.

Update of MetaTrader 5 Expert Advisor activation lost MT 4 Send message

William Roeder 2025.07.06 12:12 #18

Ryan L Johnson #: Important update regarding Windows 7

Most likely, by June 1 (2024), we will stop supporting Windows 7, as well as the remaining 32-bit terminals.
New MetaTrader 5 Platform build 4150: Trading report export and new machine learning methods in MQL5 - General - MQL5 programming forum #61 (2024)

Ryan L Johnson 2025.07.06 13:23 #19

William Roeder #:

Most likely, by June 1 (2024), we will stop supporting Windows 7, as well as the remaining 32-bit terminals.
New MetaTrader 5 Platform build 4150: Trading report export and new machine learning methods in MQL5 - General - MQL5 programming forum #61 (2024)

Thanks for the heads up. Although my trading and development is done on Windows 10 and 11 machines, I do periodically use the Windows 7 (64 bit) machine as a slave for testing signal receipt. I haven't used nor updated MT5 on that Windows 7 machine in quite a while, so I now know what to expect when I do so.

EAs stopped working on How to install EAa's MT4 broker server search

Ryan L Johnson 2025.07.15 15:09 #20

Addition to the numbered list in Post #1...

18. Many older wireless routers' encryption type defaults to WPA which is a "listening-in" security risk. On such wireless routers, be sure to reset encryption to WPA2. On newer wireless routers, use WPA3 for devices that support it. As mentioned in the OP, hardwired Ethernet connections remain the gold standard.

Cryptography MetaTrader 5 trading platform Download MetaTrader 5 build

Home Network, PC, and MQL5 Code Security - page 2