Why is Website Security so Important?
In the digital world, your website is like your home and with any home, you should not only maintain it, clean it, upgrade it and ultimately protect it; but also ensure all the assets within the home are safe and secure, right?
You should be looking at your website the exact same way. You need to be cleaning it, updating it, keeping it secure and functioning as best as possible.
If you don’t you could be facing some serious heartache, loss of time and money!
Besides the serious damage to your business revenue and reputation, a hacked website can reveal all yours and your customers information and passwords. It allows the installation of malicious software and possibly even ransom ware.
(For a more technical explanation of website security read this article from Mimecast – a leader in online security.)
These are just a few ways Hackers can literally break your online presence. So let’s take a quick look at 8 items that you can do to vastly enhance your security and reduce the risk of a cyber attack!
1. SSL Certificates
Secure Sockets Layer (SSL) certificates are an industry standard used by millions of websites to protect their online transactions with their customers.
We insist that all websites we build and manage have an SSL installed. Obtaining one from your hosting company should be one of the first steps you take to secure your website.
Read part 2 of this blog post “The importance of a reputable hosting company” for more hosting related security measures that you can take.
2. Security Plugins
Installing a reputable security plugin will add some extra layers of protection to your website without requiring too much effort from your part.
Once ready to launch, we install our preferred security plugin and customise its settings to offer the most protection without compromising your websites performance. For more info on how WordPress handles the core codes security, read this article.
3. Update Software
If you aren’t updating your WordPress website, then you are more likely using an out-dated version of WordPress that will have vulnerabilities. Your site is at a higher risk of being attacked.
Keeping your site up to date at all times is critical in maintaining the security and stability of your site. This includes your themes and plugins.
Whenever a WordPress security vulnerability is reported, an update that fixes the issue is worked on and released.
4. Reputable Themes and Plugins
Only use plugins and themes from trusted and reputable developers.
If a plugin or theme wasn’t developed by a credible source, you are probably safer not using it, obviously at your own discretion.
So yes, the thousands of “FREE” themes and plugins out there may not be your best option, but rather a paid for option that will be better in the long run.
Back up your website as often as you make changes to it.
After you do a software update or add new content so that you always have a current backup of your site.
That way if something does happen to your website, you can quickly restore a previous version of it and get back up and running faster.
6. Never Use “Admin” Username
Possibly the most easiest way for hackers to gain access to your website is via a low threshold username and password.
Because “admin” is the default username for a WordPress setup, it makes it much easier for scammers to trick people into giving away their login credentials. It’s like using the password 1234. Which leads us onto…
7. Strong Passwords
The stronger your password is, the less likely you are to be a victim of a cyber attack. This applies to your email, Facebook, website, and banking passwords. Yes it’s easier if you have one password for all your items, but this puts you, your users, and your website at risk.
Improving your password strength decreases the chances of being hacked. All our websites enforce a strong password rule once launched!
8. Change default login pages
Since WordPress is open source, hackers know the login page to your site and can easily access this page.
This makes it easy for hackers to start trying to break into your website. Add this to the known default username and already you have 2 out of the 3 things you need to access your Admin Dashboard.
There are quite a few more advanced measures that can be taken to truly secure your site, but unless you are have extremely confidential information on thousands of people, lets say, like a bank, there may not be a need for those extreme measures. For a full breakdown and comprehensive guide on security, check out this great article.
At the end of the day, if we go back to “our house” analogy; when you have come home from a long hard days work, and find your house has been broken into and all your possessions have been stolen or destroyed, would you be glad you saved a few bucks and not had those extra security measures installed? I think not!
If this is all too much for you, then let Banter maintain your site for you and handle all this complicated stuff.
We do all software updates, as needed, security updates, backups and SEO reporting for a nominal fee.
Contact us before your website is hacked.
Be sure to read the second blog post in this security mini series: The importance of a reputable hosting company.