10 tips to make your website security a priority | Calgary Web DesignHave you ever been in a meeting with a potential client, trying to navigate to your website to display the great products or services you offer only to discover a dreaded blank page with a single line stating “hacked by hacker”?

Maybe you’ve heard of someone who was once in this situation.

Meanwhile, your clients are now waiting for you to display what you’ve promised…

Who you’re gonna call?

(I know, I know,  “Ghostbusters”… well unless your web designer wears a grey coverall and walks around wearing a “proton pack” then this is the wrong answer)

Well, at this point, I would suggest to take a big breath, keep calm and get in touch with your web designer. He or she will take the necessary steps to help you recover your website.

What can you or your web designer do to make your website more secure?

Here are 10 tips you can apply:

1Use the services of a great web designer!!! I know, what a simple tip… but so true, you need someone who can help you understand what being secure online means

2If you’re using a CMS (Content Management System) to update part or all of your website’s content yourself, ensure you’ve created a strong username and password. ABSOLUTELY AVOID any username such as “Admin” or anything generic as this is what hackers use to “brute-force” your login credentials

3Whatever the platform you or your web designer uses, DO NOT display the “meta box” on your website. This “meta box” is an entry door to your admin panel, it should be hidden from the World. If you’re using WordPress, you can go to “Appearance>Widgets> then remove the “meta box” from your Blog sidebar.

4USE PLUGINS to enhance your website’s security. I use “Limit Login Attempts” which works really well at locking out potential hackers who try to “brute-force” your login credentials.

Other great plugins include “Better WP Security”, “Security Ninja”, “BulletProof Security”, “Antivirus” and more…

5If your website has a Blog, MONITOR THE COMMENTS and/or articles written by other users. This is another way hackers attempt to inject malware onto your website. Not only it does put your website at risk but it can also affect your search engines ranking as bad links will direct readers to random sites such as big sale electronics, counterfeit goods or illegal medicine.

Decide whether you need to be the only author of posts and what the requirements should be for visitors to comment. One of the best WordPress plugins to help you with this issue is “Akismet”.

Another great plugin to help you moderate your Blog’s comments is “Disqus”.

Remember that enhancing the security of your Blog is important but you also want to ensure your readers don’t have to enter 12 passwords and pass an airport-like security scan before commenting that they like your post! Up to you to find the right balance!

6BACKUP YOUR WEBSITE REGULARLY! Whatever platform you use, you need to backup two main components: the folder where your website’s files are located and your website’s database. If you don’t know what I’m talking about, check with your web designer, he or she’ll guide you. The main benefit of backing up your website is to be able to delete all files (including the hacker’s files) from your server then restore your entire website. This way, you can start clean if this was your last solution after trying other methods of recovery. I would recommend a minimum of a monthly backup but also anytime you’re making any major addition or changes to your website such as setting up an e-commerce feature.

7CREATE A STRONG PASSWORD to log into your website! I know, you see it on every website you need to log into nowadays…

There’s a reason why! Follow the common rules: minimum 8 characters, an upper case, a lower case, a number and if possible no word that can be easily found in the dictionary.  This way, it becomes more difficult to guess for potential hackers.

8NEVER, EVER share your login credentials with anyone. Contemporary platforms used by web designers allow for the creation of multiple users with different levels of permissions. Providing your login details could jeopardize the security of your website as this person now can change your password and log you out forever! Discuss with your web designer the number of users who need to have access to the website and the permissions levels.

9BEWARE any third-party applications that request your login details to access or connect to your website or Blog for whatever reason. Nowadays, you’ll find connections between Twitter, Facebook, LinkedIn and many other social media sites growing exponentially. You’ll find yourself connecting to random website with your Facebook login details because it offers you the opportunity to do so: please choose carefully who gets to store such sensitive information.

10Last but not least, KEEP YOUR WEBSITE UPDATED! What does that mean for you? Whether you or your web designer are maintaining your website, remember to update the platform, the website theme or template (if applicable) and any other plugins, pieces of software that are part of the machinery.

Like any set of gears, if one becomes slightly weak, the rest of the engine is at risk.

I maintain and update all of my clients’ websites for their peace of mind and to allow for a great user experience on the front end.

 

Your Turn!

What are your thoughts on website security and online security in general?

Please feel free to share!