Top 10 Website Security Tips
Discover how to protect your website, with top tips from our web support experts.
Just like an office:
Your website is a public face for your organisation.
It is important to keep your website tidy and presentable.
It is important to keep your website and its contents secure.
If your site is hacked, you could suffer many setbacks:
-Your brand credibility is affected
-Your customers trust in your website is affected
-Malware which affects the functionality of your site could be installed
-Your data, and your customer’s data could be stolen
-Phishing emails could be sent to your customers
The list goes on…
So we know it’s bad to get hacked, but what can we do to improve our chances that our websites are safe?
1. Use a strong password
Using a strong password ensures you have the best protection against brute force or guessed attempts at hacking.
2. Keep your plugins and themes updated
When a vulnerability in a plugin or extension is discovered, you can bet hackers will rush to exploit it on as many sites as they can before it is patched. Keeping sites up to date means less of a window for hackers to exploit these vulnerabilities on your site.
3. Switch to HTTPS
Using HTTPS and installing an SSL certificate means data sent between your site and your users is encrypted. This means if the data is intercepted it cannot be understood. It also shows end users that your site is secure and trustworthy by displaying a padlock icon next to the URL.
4. Keep track of your user accounts
Nobody likes admin, but making sure unused logins are removed and that current users only have the access necessary to do their job is important. It means fewer chances for a hacker to compromise an account, and less damage done if they do.
5. Use a Firewall like Sucuri
There are many security options available on a website but one we at Generate UK swear by is Sucuri. Not only do they provide a firewall which blocks suspicious traffic but they can also be called on to clean up infected sites and automatically scan for malware.
6. Use SFTP or FTPS
When you or a developer connect to your server to edit files, it’s important to make sure the data is encrypted. So make sure your hosting supports SFTP or FTPS connections- these encrypt your connection, like HTTPS does when users visit your website.
7. Don’t forget about your smart devices
Ever logged on to your website on your smart phone or tablet? Make sure it is secure by enabling a lock screen password. You should also ensure your device and apps are kept up to date, and consider investing in tools to track, remotely lock or erase the data on the device if it goes missing.
8. Use 2FA
Two Factor Authentication is a fancy term for a simple process- when you log onto your site you have to provide a code to prove you are who you say you are. This can be sent to your email, phone, or generated by yourself, but it add another layer of security that can foil a potential attacker.
9. Take regular backups
So the worst has happened- your site has been compromised, and your homepage is gone. Having a backup available to restore means fewer headaches if the worst does happen.
10. Use uptime monitoring
Keeping track of your uptime is important anyway, but in case of a website attack you can respond swiftly if something is watching your site for you in the background. Setting up a third party monitor that emails or texts you if your site goes down can go a long way.
How can Generate UK help you?
Your website is a significant business investment. It requires commitment to keep it protected, up-to-date and in optimum condition. We are here to be your website’s safe pair of hands, providing expert support and maintenance, leaving you to focus on achieving your business objectives.
We are here to advise you on website security, help with updates, install and maintain your website’s security plugins and much more.
Speak to our Support & Maintenance team today to learn how we can help protect your website.