You may well be thinking, why would anyone want to hack my site? But data breaches happen all the time and are non-discriminative in who they affect.
Often, your site won’t have specifically been targeted, but automated hacking programs will search the web for sites with weak spots. To protect yourself from even the most minor of data breaches, keep on top of these simple steps.
- Always make sure that your software and programs are up to date. If you’re using plugins or external services to facilitate any function on your website, make sure you’re always using the latest version. Software providers endeavour to keep up to date with the latest hacking trends – and update their software accordingly.
Your hosting solution must also be kept up to date. If you’re concerned about the security of your hosting provider, make sure you get in touch.
- Use complex passwords. Most log in credentials will now require you to use a mixture of lower and upper case, numbers and special characters. Be sure to use different passwords for your various applications and software programs, as well as your website access. To be extra secure, change your passwords every 6 months and request that any other users of your website do the same. Speak to your website provider about incorporating encrypted passwords for an extra layer of protection.
- Avoid too much user interaction. This includes unmoderated comments, forums and file uploads. Where possible, do not allow external users to contribute to your site. Hackers use hidden scripts within uploads and comments to infiltrate your website. Check with your hosting provider that the server has a secure firewall and blocks all non-essential ports.
- Ensure that you have an SSL certificate (Secure Sockets Later). Using an SSL guarantees that users of your site will be communicating with your server – this connection cannot be intercepted. This also protects member log in pages and payment details for your users, securing their data as well as your own. SSL certificates are no longer expensive, so there’s no excuse not to have one. With Solid Blue Liquid, SSLs are included as standard.
- Monitor user privileges. If you’re running a blog with guest contributors or an online shop with multiple vendors, make sure that they don’t have too much With most CMS systems, you can denote a level of access to each user, for example: editor, designer, writer etc. Do not give administrator rights to anyone unless completely necessary. This is not because that particular person might be untrustworthy, but because you do not know their cyber security practises.
If you’re ever concerned about the safety of your site, always start by discussing your security options with your hosting provider. As an experienced hosting solution, Solid Blue Liquid offer a wide variety of hosting packages to suit sites of all sizes.
Give us a call and let us know what it is your looking for. One of our friendly team members will be on hand to help.