how to secure your website and prevent a major hack. The 5 simple steps you can implement today…
Do you worry about having your website hacked? Does this keep you from either getting your first website or even keep you worried that it might happen some time in the future? This article will cover some of the issues associated with this, including:
- What happens when you are hacked?
- How to prevent your site from getting hacked
- What to do once you’ve been hacked
First off what is hacking anyhow? This is simply when someone gains unauthorized access to your website. They may then choose to copy some information from your website, put up information in your website that shouldn’t be there, delete your entire website or redirect people from your website to another website.
So how do you prevent this from happening to you? More particularly how can you as a normal end user keep your site secure?
Your Internal Staff & Security
Often times your internal users pose the biggest threat to your own website. If you’ve been to any cyber then you have probably found a computer that the previous user forgot to logout, or maybe there was a power outage and the person left, unaware they were still logged in.
- The same is true of your website, your staff will have to be extra careful not to leave the website accessible. Some of the things you can do is make sure they access the website from designated computers that have been secured with good antivirus software.
- Secondly if you encounter power outages or the computer is often used by many people including those not authorized to access your website – then have them login in private mode through your browser. that way your active session isn’t saved.
- Additionally if your computer is also accessible by other people don’t save your password in the browser.
- Finally when assigning each user an account – please make sure they set strong passwords that will probably have capital, small letters, numbers and symbols.
- Finally keep changing your password to keep them guessing.
you should have internal processes to deal with your own people who may have access to your website.
You also want to ensure that you have put in place good systems or processes for dealing with your staff when it comes to your technology. If you have a disgruntled staff member you will want to quickly login into your website and deactivate their login credentials. This also means that within your organization you will want to be at the “admin level” in your website and have everyone else below that level to prevent massive damage to your website.
keeping your website systems up to date
Like other software your website runs on a system that also needs to be upgraded constantly – the reason for this is that not only does the latest upgrade have new features that give your website more power but they also have security fixes for loopholes that have just been discovered. So not keeping your website’s system up to date means you are taking risks that can be easily avoided. Most updates are usually released once or twice a month.
Build extra layers of security
Finally if you’ve taken the initial measures mentioned above you can add extra layers of security to your website by using:
- Security plugins – these act like an antivirus software for your website, if you are on WordPress you could add utilities like Better WP Security and Bulletproof Security.
- Purchasing an SSL (Secure Sockets Layer) certificate (on Google or Facebook you see https://www.google.com). This provides an encrypted link between your website and visitors thus ensuring that any sensitive information being sent over remains private.
- Rent a cloud based web application firewall.
backup your website regularly
Finally you’ll want to keep your website backed up regularly, if you are too busy to do this have your developer to it for you. If you update your site a few times per month then a weekly backup is okay. If its more active then a daily backup is the best. Remember you only know the value of your backups when you have lost your content and need to get back online as fast as possible.
Next time I will cover what to do once your site has been hacked.