Having your website hacked in any fashion is anywhere between mildly irritating to disastrous for a business that didn’t have a backup. The potential of a breach of security is important for all website owners, large and small.
If you’re website gets hacked, you risk losing all of your content. That’s not the worst thing that can happen, especially if you keep client’s private data on your site – you could be sued if their confidential data it was to fall into the wrong hands.
We primarily use WordPress at DonCharisma.com, so we’ve kept that in mind for this article. WordPress websites can be made to be a VERY SECURE, but only with due care and attention.
Web security SHOULD BE TAKEN VERY SERIOUSLY. Here’s some things that will help to make your website more secure :
- TAKE BACKUPS – Always, always take backups, and keep at least a copy of them offsite. WordPress has plugins that will allow you to backup to DropBox, GoogleDrive etc.
- Use strong passwords, and discourage weak passwords. There are sites that will generate LONG and STRONG passwords for you. The longer they are and more complex, the more difficult to hack.
- Lock down any files containing passwords – WordPress often has password’s for the database stored in plain text files. Make sure these have the minimum permissions necessary for the website to operate.
- Keep your website’s software up-to-date – WordPress update often for security vulnerabilities. You really must make sure you update your site’s software with updates as soon as possible.
- Don’t use a “cheap” webhost – Cheap webhosts like Greengeeks and Hostgator are a hacker’s playground. Thousands of websites get hacked there every day. Cheap may save you money in the short term, but will cost you dearly in time, frustration and money if you get hacked later on. So research your webhost, and don’t pick the cheapest.
- Have your site scanned for vulnerabilities by professionals, and ask them to recommend any enhancements to beef up your security – At DonCharisma.com we can help you with this, please contact us, if you’d like us to help make your site more secure against hackers.
- Use encrypted SSL (https) instead of non-SSL (http) – Whilst SSL web traffic isn’t 100% secure or guaranteed hack or eavesdrop proof, it IS MUCH MORE SECURE than unencrypted traffic. So why make it easy for a hacker to sniff or hijack anything that goes too and from your website ? And obviously if you’re dealing with any kind of secure information like passwords or credit card details, then you really must have SSL.
- Make sure source code is locked down – All websites can have their code locked down in a variety of ways. The reason for this is two fold – a) to stop hackers identifying vulnerabilities via reading the code and b) to stop plagiarism and theft of your intellectual property.
Implementing the above will make you website much much more secure. Obviously it’s not exhaustive list, and web security experts such as ourselves have a variety of tools and techniques we use to make websites almost hacker proof – please contact us for a free estimate if you would like us to assist you in making your website more secure.