When you’re starting off in business or if you’re an SME, you may not think your site has anything worth sealing. But the reality is websites are accessed all the time without the owner’s knowledge. The majority of website hacks that happen and on a day to day bases are not to steal your data or mess with your websites layout. But are instead, attempts to use your website’s server as an email relay for spam or to set up a temporary web server. Other very common ways to abuse a compromised website include redirecting your website visitors onto another website that would be of a more dubious nature.
Hacking is regularly performed by automated scripts (or Bots) written to scour the internet in an attempt to exploit known website security issues in software. Here are our main tips to help keep you and your site safe online.
The two things you
Need To Do!
1. Keep software up to date:
It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. For the purposes of this article, this refers to the software you may be running on your websites, such as a CMS (Content Management System eg: WordPress) any themes you are using for your framework and any additional functionality plugins the might be running.
When website security holes are found in software, hackers are quick to attempt to abuse them. Make sure to backup your website before you make any updates to ensure you have something to revert back to if something goes wrong. Or ideally, sign up to a service plan with a Web Design provider to ensure that everything is back up and running after each and every update.
2. Make better Passwords:
Everyone knows they should use complex passwords, but that doesn’t mean they always do. It is crucial to use strong passwords to your server and website admin area, but equally also important to insist on good password practices for your users to protect the security of their accounts.
As much as users may not like it, enforcing password requirements such as a minimum of around eight characters, including an uppercase letter and number will help to protect their information in the long run.
Of course there are a lot more options you can use when it comes to website security, for example, malware monitoring software, two factor authentication, server side brute force blockers and so on and so on. This post is not to give all the options, It’s to give you the two main options that the VERY minimum you should be doing to secure your website.
If your not doing these and there are no other measures in place, realistically its not a matter of if your website gets infected, but when.
We will be posting more tips and advice over the coming weeks and months, so keep an eye on the hob for new posts.