In this post I will share with you how to secure a website.
Imagine what would happen if you woke up one morning to discover your website had been hacked.
Maybe your website has been defaced with another fake website using some embarrassing images or messages.
Or maybe your site is being used to send spam or Phishing emails out.
Aside from the professional damage and the cost to your reputation is that Google marks your website as being dodgy and removes it from their listings and the traffic dries up.
All of these can happen if you don’t take the necessary precautions to secure your website. These days security is really important. But just because it’s important it doesn’t necessarily need to be expensive.
So here are five surprisingly easy ways you can secure your website today.
Surprisingly Easy Security #1 – Automatic Backups
Getting hacked is one thing. Losing your entire website is another thing altogether.
If you do get hacked the first thing you’ll want to do is to restore a recent, non corrupted version of your site as soon as possible.
The advantage is that it is free, but it is a manual process and it requires that you remember to do the backup. We’re all busy and maybe backing up our website isn’t top of our list of priorities and if you forget to do it for a few days then your data will be out of date as and when you need it.
A better option is to use a completely automated website backup service so you can just set it and forget it. This type of backup service continually backs up your data and you can restore it from multiple data points (i.e. different dates) if required.
If your site is hosted on our cloud solution we offer automated backups for extra peace of mind.
Surprisingly Easy Security #2 – Up To Date Content Management System
A Content Management System (CMS) like WordPress or Joomla is a great tool to allow you to easily manage your website. If you’ve built your own site then you’re probably familiar with the layout of the CMS you use and its main features.
However, if someone else has built your website for you using a CMS then you may not be so familiar with this type of tool.
Whatever the situation, these types of software need to be kept up to date. Why? The simple reason is that they are updated regularly to offer new features but also to plug any security issues that have been identified. As CMS tend to be OpenSource software there is a lot of effort that goes into securing them.
CMS can also be used for popular shopping carts like PrestaShop and Magento so it is always important to be aware of updates.
You can check the latest versions of the most popular CMS at the links below. Of course, before you update any software make sure you have a current backup of your data:
Surprisingly Easy Security #3 – Up To Date Passwords
It might seem quite basic, but keeping your login credentials up to date is one of the most effective security measures you can make.
Things like Brute Force Attacks are increasingly common and can be used to crack passwords for a variety of logins like FTP, CMS, databases, emails or admin areas.
Here are the headlines to help you:
- Use a mix of characters (uppercase and lowercase), numbers, and special characters
- Use alternative passwords for different systems
- Frequently update your passwords and login credentials
There are also tools like RoboForm that can help you manage a large number of passwords and logins.
Surprisingly Easy Security #4 – Use HTTPS (SSL)
HTTPS is a way of offering a secure, encrypted link between a web browser and a website. You may be familiar with the secure padlock area used for accepting online payments. Until recently it was mainly the secure section of Ecommerce websites.
However, since Google announced that security was part of its ranking algorithm, more and more people are starting to adopt HTTPS for their entire websites. To set up HTTPS you will need an SSL certificate. SSL Certificates are fairly low cost.
By creating an encrypted link between the browser and the web server it becomes virtually impossible for a hacker to break into the connection and steal sensitive data.
Setting up an SSL Certificate is pretty straightforward and once it’s done you’ll need to migrate your files over to the HTTPS area and update your internal links to make sure they all point to the new HTTPS pages.
Surprisingly Easy Security #5 – Use a Web Application Firewall And Security Shield
For the ultimate in website security at a reasonable cost a Web Application Firewall (WAF) is a great option.
The way a WAF works is to continually scan your website for threats and Malware. In some cases when they identify them they will also remove them so that they can not do any harm.
Whichever WAF you choose you must be sure that it can address the most common threats as identified by OWASP.
They can also include a visible security shield on your website to reassure visitors that your website is safe.
But not only visitors. If your website is safe and secure then you can be sure that your site won’t be penalised by Google for hosting Malware or being responsible for sending Phishing emails.
Website Security doesn’t have to be complex or expensive. Just by taking basic precautions such as automated backups and changing passwords frequently you can protect yourself.
If you are using a CMS then you need to make sure that you keep up to date and use the latest and most secure version to thwart hackers.
Switching to HTTPS is slightly more complex but you get a double benefit of improving your website security and your Google ranking.
Finally using a WAF is a cost effective and proactive way to ensure that your website stays Malware free.
We hope you have found this guide useful on easy ways to secure your website.
Thanks for reading and leave your questions below to keep the conversation going.