For many businesses their website or “online Property” can be key to its profitability and be the main point of presence to their customers. Anything that illegally interferes with that can not only be expensive to repair, but can create a headache trying to regain customer trust, especially if key data has been accessed.
So website security is now not something reserved for banks and online transactions, it needs to be in place for even the basic of sites and should be part of any online strategy.
Using A SSL Certificate
The basic type of security is to transfer your site from being a http to https. The “S” indicates your website is now on a secure server, making it much harder for trolls and unwanted hackers to access your property. The good news is most web hosting includes a SSL certificate (the bit that makes it secure) free as part of a hosting contract. In fact in Google’s eyes this all websites should be set up as standard with an SSL certificate and has admitted its algorithm will give a small SEO boost to sites that are https.
Personally I have been hacked a few times and, the first time was because of poor passwords, I used because they were easy to remember and the second, was the password to get into my hosting account, rather than my websites themselves. Both these hosting services at the time, suggested the solution was for me to buy a service for $30 a year to prevent hacking, rather than taking any responsibility themselves. Needless to say, I swapped hosting until I found a server who offer SSL free and had their own internal security firewalls. For extra security I could then buy extra services, but not just to give more profit to hosting companies who are not doing enough themselves.
Consider A Server Who Puts Security At The Forefront
Some servers, only allow access from your allocated i.p. address, or give timescales to upload files, this can be a great security option. Most hackers will look for easier targets. It is very frustrating that many hackers do it for the fun, just “to prove they can”. Often it is those who are not “web savvy”, who get attacked and have to pay someone else just to take things back to where they were before.
Once you have set up your SSL certificate in your hosting dashboard, then you may have to add some text to your .htaccess file for a linux server, or offer a redirect on windows or ASP hosting. This is to ensure all pages are redirected to the now secure https versions.
A Weakness Of WordPress
Another weak part of the internet in recent years has been wordpress. Once hackers had understood the inners of WordPress, it then became a focal point for many admin attacks. Posts would have unwanted adverts, redirects or even false back links to sites such as Viagra, Porn and gambling. Once your site is associated with linking to such sites, it can lose trust with Google making it harder to regain visibility.
The latest version of WordPress is much better than previous, but it is a constant battle to keep ahead of hackers so if you have WordPress installed on your site, you should always update to the latest version when prompted to. Access to the admin section, is where the damage is done, so you should always take steps to prevent unwanted access, with detailed passwords as well as considering extra apps to help you
A Selection Of 10 WordPress Security Apps
- Wordfence Security
- Google Authenticator – Two-Factor Authentication
- Sucuri Security
- All-In-One WP Security & Firewall
- BulletProof Security
- Vaultpress
- iThemes Security
- WP Antivirus Site Protection
- Block Bad Queries
- VIP Scanner
You should look through these 10 App solutions and chose the one that suits you best and of course search for some more. You should also be prepared to change if you feel standards are slipping.
The whole benefit of WordPress, making it easy to install and use, has made it a target for hackers. In a few cases, I had removed WordPress altogether, but now feel more confident in its use.
