Currently, there are over 1.6 billion websites on the WWW and your business website is just one of them. “There’s safety in numbers” you might say when talking about your site’s security – “why would anyone target me?”
It’s important to know that Cyber Criminals and Spammers don’t physically trawl the web, using “bots” * instead to scour millions of sites every day. Looking for ways to hack into systems, they don’t care who you are or what your site is. If these bots find a weakness or backdoor to your site, you may be in trouble.
*specially coded programs
Benjamin Franklin wisely said “An ounce of prevention is worth a pound of cure” so here’s five site security fixes that you can implement today:
#1 – Get a Security Certificate for your site.
A security (SSL) certificate is an addition to your website server* Google that creates a secure link between a website and a visitor’s browser by confirming the site’s legitimacy.
If your site doesn’t have one, you risk being penalised by Google (and other search engines) with a drop in your search ranking. In addition, site visitors may be receiving warnings form their browsers that your site is “not secure”.
Luckily, an SSL certificate is quick to install on most web servers. Simply contact your service provider and ask for a certificate to be installed.
* the place where your site’s files live on the internet.
#2 – SPAM Controls
You would have to be living on another planet to not have been the recipient of SPAM emails. It is the bane of every single inbox on the planet. Unfortunately, there’s no sure-fire way to stop SPAM completely but there are several things you can do to reduce the risk.
- Make sure that your online forms are all guarded by Google’s new ReCaptcha protocol. It’s invisible and it works.
- Update all plugins on your site to their latest versions whenever new versions are released.
- Check that your web server has effective SPAM filters at its core level.
#3 – Plugin Updates
As mentioned above, if your site uses plugins for any of its core functions, make sure that you update them whenever a new release becomes available. If your site is built on the WordPress framework, this includes the core as well.
Hackers continually look for ways into vulnerable servers and will use any weakness to break their way into your site. An out of date plugin (or WordPress version) on your site could be the weak link they are looking for.
#4 – Latest Version of PHP
PHP is a programming language used in the development of many modern website and, just like plugins, there are new versions of PHP released on a regular basis. These updates are not only for closing any security vulnerabilities but also includes adding new functionalities to the language that can then be used for new functions on your website.
As with plugins, you can easily keep your PHP version up to date (usually via your web server’s Control Panel).
#5 – Install WordFence
If you haven’t guessed by now, WordPress is my website framework of choice for developing. One of the reasons for this is the amazing range of plugins that add further functionality to the basic core of the framework.
One of these is the excellent security plugin Wordfence. Wordfence provides a range of features and options for site owners that help protect their sites from hacking. On top of this, Wordfence provides monitoring of the other components in a site and notifies, via email, when action needs to be taken.
There are two versions of Wordfence, a free version which provides basic protection as outlined above, and a premium version which includes top level protection for your site.
Wordfence is a must for any site built using WordPress.
Nearly all the security measures outlined here can be implemented by a regular site owner with access to their site’s “backend”. However, if you require assistance at any time bolstering the security of your website, please get in touch with Tropical Coast Web Design and we will take care it for you – hassle free.