How to make sure your website is secure.
You’ve put all your energy into getting an amazing website and you’re telling your story to the world. That’s nice. But….
there is more to this story, sadly. The reality is, there are people out there that want to bring your site to its knees. Some for financial gain, some for identity theft, some political, and others, well, just because they can. I’m going to give you some tips on how to avoid hackers. Remember, no security is perfect, but you can do a lot to give your website the best possible security against targeted or random attacks.
I’m not trying to scare you, but that is the sad truth, and if you think you’re immune because you’re a small business, think again. According to Fundera.com, 43% of cyber attacks target small businesses.
Statistics also show that 73.9% of hacked sites were hacked for SEO purposes – hackers can add links and web pages to your website, they can even show a completely different site to Google. This can in turn lead to blacklisting, a devastating result.
SSL, making your site more secure.
HTTPS uses a secure certificate, known as an SSL cert. SSL is an abbreviation for “secure sockets layer”. This is what creates a secure, encrypted connection between a browser and a server. Here is a great example from Semrush of what happens. Notice how HTTP differs from HTTPS.
An SSL certificate will show your visitors this padlock.
Definitely, you will want to put HTTPS at the top of your list for security purposes. You certainly wouldn’t want visitors to your site seeing Not Secure in the browser! Google will penalise you for not having the certificate and warn visitors that your site is not secure. It’s not hard to obtain and some Hosts even include them with their hosting plans. Your Web Designer/Developer will make sure you have one.
It doesn’t stop there either, if you’re a business owner, you will know how much all your software needs to be updated. Websites are exactly the same.
Your website is made up of many components and like everything, they thrive with attention. Plugins are constantly being updated by their authors for bug fixes, patches, and glitches. Themes need updating, as does the WordPress core itself. Software typically comes with security improvements.
If you don’t keep up with these software improvements and updates, you are leaving your website vulnerable to being targeted by hackers. My security plugin of choice is WordFence and it comes with Free or Premium versions. There are of course many to choose from, just make sure if you’re building or having a website built for you, your Web Designer/Developer is using a reputable security plugin on your site, and that it’s configured correctly in the settings.
Ten common passwords
Hard to believe but yes, here they are:
Now to be fair, there are a few lists out there, based on different studies as Cybernews.com reports, however, their one commonality is PREDICTABLITILY.
Taking the weight off passwords
Now you know what passwords NOT to use, how hard is it coming up with appropriate passwords, and even harder to remember them? That’s exactly why we go for the same old password. EASY. Easy for the hacker too.
LastPass is my go to. Full stop. Takes all the weight.
Try using spaces in your passwords. And, according to Business Insider – A “passphrase” is stronger than a single password because it increases entropy, or the amount of randomness in a password, making it harder to guess.
Maintaining your website
One of the things you can do is have your website maintained. There are so many care plan options, it can be a bit confusing but to be honest, if you don’t have the time to look after your website, you will be leaving it open to attacks. A great alternative is having someone reputable take care of your site for you. I offer CarePlans starting from as little as $45 per month. That’s a small investment for a website, which is basically a 24/7 employee. Even if you choose to take a care option with another agency, honestly, it’s the best thing you can do for your business.
If you’re feeling a bit stuck and this seems overwhelming, don’t worry, not everyone has the time or inclination to learn the technical side of Website Security. If you’d like a bit more support than this post provides, contact me and we can book a 1:1 call.
The simple process of getting a new website for your business.
Click this link if you’d like to download my all-inclusive checklist.
These steps outline what it takes to get your beautiful new website up and running.
This list will give you a perfect understanding of the process before hiring a designer.