How To Protect Your Website From Being Hacked
How would you feel if you woke up one day and your website had been hacked?
Maybe your site’s been suspended by your hosting company or even worse it’s disappeared or been replaced by something you definitely don’t want your clients to see.
It’s every business owner’s nightmare.
In truth, some businesses never recover from this.
How Do I Protect My Website?
Well keep watching because I’m going to give you a plan of attack to make sure you protect your business. I’ll explain:
- Who’s responsible for securing your website (hint – the clue’s in the word ‘you’)
- How expensive hacking can be for your business
- How most hacks occur & how to stop them dead in their tracks
- & I’ll give you 5 low cost ways to protect your website and your online reputation
Hi, I’m Tony Messer – the founder of Pickaweb, the web hosting company that helps businesses get online, get found and get more customers.
I’ve worked with thousands of businesses of all sizes and we host tens of thousands of websites so we’ve got plenty of experience helping our customers secure their websites.
Who’s Responsible For Your Website Security?
Well, let me give you an analogy, think of your web hosting as being like an apartment block.
Your hosting company will ensure that the front doors and any other entrances are fully secure.
We’ll also ensure that all facilities are up to date, safe, functioning correctly and are in line with regulations and best practice.
However, we don’t control what happens inside each apartment room within the block.
So ultimately – you are responsible for what happens in your hosting account.
So How Much Would It Cost You If You Get Hacked?
In the worse case scenario you’re going to need an experienced developer. Let’s assume you can find one at short notice. Maybe £75 an hour.
If it’s the weekend or a holiday – double that.
You’re going to be in for maybe 7 or 8 hours – at double time that could be £1000 to put everything straight, easily.
And this all assumes that they have access to your backup data.
You are backing your data up aren’t you?
How Do Hacks Happen?
Well, hackers don’t publish their modus operandi but they’re looking for any weakness they can exploit.
It could be out of date software, weak passwords, or whatever.
It’s nothing personal against you – you’ve not been singled out on a personal or business level.
They use automated tools to look for weaknesses & when they find them they just do their stuff.
But once they’ve got control they can do all sorts of damage whether it’s just defacing your website, exploiting it to send phishing emails or using your website as part of a Dedicated Denial of Service or DDoS attack.
But you can protect yourself
5 Low Cost Ways To Prevent Your Website Getting Hacked.
Number 1 – Perform Regular Automated Backups.
Data backup is your first line of defence. If your data’s safe the chances are you can recover.
You can manually backup your data using the free cPanel backup feature. But we’re all busy & sometimes we forget these things.
The belt and braces approach is to protect yourself with an automated backup service where your data is backed up to a different physical server.
You can just set it & forget it.
A secure backup using a tool like like r1soft/idera is money well spent. You can restore from different data points and dates so you’re in total control.
Annual cost? Just £40 – that’s 10p a day for peace of mind. If you do nothing else, do this to make sure your data is safe.
Number 2 – Keep Your Website Software Up to Date
This is a really common issue. Let’s say you use a tool like WordPress for your site.
It needs to be kept up to date. You can find the latest version on the website of the software you’re using.
Just search in Google for ‘latest WordPress version’ or whatever.
Also, if you’re using plugins – they need to be updated too.
Cost to fix? More or less zero.
If you’re not a techie then ask your hosting company for help, otherwise a developer can do this for you.
Number 3 – Passwords
Having different passwords just comes with the territory.
You’re gonna have passwords for FTP, Content Management Systems, databases, emails or whatever.
Keep them strong and change them frequently. There are all sorts of tools you can use to manage passwords so you can stay on top of it.
Again low tech, low cost and easy to do. Cost to fix? Zero.
Number 4 – Switch to HTTPS (SSL)
You might recognize HTTPS as being the secure padlock area of your website.
Before it was for secure payment pages but it’s increasingly the basic level of website security.
It’s also a Google ranking factor so more & more websites are using it.
It works by creating an encrypted and impregnable link between your website and anyone browsing it so no data can be intercepted by hackers.
You’ll need an SSL certificate for this.
Cost to Fix? An SSL certificate costs £29 a year.
You’ll need to make some tweaks to your website but that won’t take an experienced Developer very long if you don’t have a massive website.
Number 5 – Set Up A Web Application Firewall or WAF
You’ve got anti virus for your PC haven’t you? Well think of a WAF as being like an antivirus for your website.
It’s a security software that continually scans your website and monitors traffic and data for known threats.
Certain WAFs will not only identify the threat but also eliminate it so that it is dealt with immediately.
They will also usually have a clickable Security ‘Shield’ to reassure potential customers that your website is safe and secure.
Cost to fix? We’ve got a SiteLock service that will do the job for just £40 a year.
So there you go. Sure, security costs but it’s much cheaper than no security.
I hope you found this video on how to protect your website useful. If you did please leave a comment below and let me know whether you’re using any of these techniques. I really appreciate it, I always read them & I will get back to you.
Also share it with your friends or anyone you know who’s got a website.