Website security should be one of the top priorities for every website owner. Around 46% of the world population has an internet access and the number is increasing each and every day. Unfortunately not all of the internet users connect with good intentions. There is a lot of hackers trying to find a way how to steal online identities, get their hands on confidential data or just take down websites using different hacking techniques. The good news is that there is a lot of things you can do as a webmaster to secure your website and prevent such online attacks.
Improve Password Security
The simplest and the most effective way to improve your website security is to use strong passwords. Passwords like "123456", "qwerty", "password" or "football" are easy to remember, but they are also very easy for hackers to guess. The best option is to use random passwords containing more than 8 characters and using a combination of uppercase, lowercase, numbers and special symbols. Such passwords can be very effective but also difficult to memorize. That is where a good password manager can help. Try free and open-source tools like Password Safe or KeePass.
If you need a password that is strong and easy to remember, think about a sentence that would be easy for you to memorize. Then take first letter of each word and turn it into a sequence of characters. "My cat Trixie was already four years old when I got her." can be converted into "McTwa4yowIgh.", which is already pretty strong password and should not be difficult for you to remember.
Another important rule to follow is not to use any password twice. In that way if one of your passwords get hacked, you will not have to be worry about the rest of your online logins all over the internet.
Encrypt File Transfers
Even though there are modern and secure ways how to connect to your server and transfer files, most webmasters are still using unencrypted FTP access - a protocol that was not designed to be secure and the current specification is in use since 1985. FTP has a lot of known vulnerabilities so it is recommended to replace it with modern and secure protocols like FTPS or even more secure SFTP.
Schedule Backups
Backups are crucial for every website. The process of backing up will protect you not only against hackers who might delete or modify your data, but also against server hardware issues and against your own mistakes. The key is to back up on a regular basis. When the moment comes when you might need to restore your data, a six-months-old backup is usually useless. The ideal situation are automated daily or at least weakly backups provided by your web host. If you don't have automated backups available, you should back up manually before and after each important website update. Do not forget that in most cases it is not only the files on the server you need to back up, but an SQL database as well.
Install an SSL Certificate
Depending on the web hosting plan you are using, it could be a very simple task requiring you to do just a few clicks. In some cases installing an SSL certificate could be pretty complicated and sometimes even impossible without upgrading to a more advanced plan. With most of the hosting providers you have an option to choose between free Let's Encrypt certificate that can run on shared IP address, and commercial certificates that might require a dedicated IP address. For most websites the free option will work just fine improving not only the website security but SEO rating as well.
Protect Your Own PC
You can use strong passwords and encrypted file transfers, but still it is your own computer that might be compromised and used by hackers to access your web server. These days a good antivirus is a must-have and not a nice-to-have feature. Such software can protect you against malware, viruses, trojans, spyware and other online threats like phishing or identity theft. Stick with a proven award-winning brands like Avast or AVG that will keep your PC secure, fast and always up to date.
Bottom Line
Online security should be taken seriously. Following our 5 simple steps can save you a lot of troubles in the long run, so make sure you implement all of them. Do it now. Tomorrow might be too late.
No comments so far