Why Your Website Security is Missing the Mark
And How You Can Fix It
“Another [big business] hacked”
This headline seems to run all the time. Every year more and more businesses are hacked, websites go down or their security is breached.
It really feels like there’s nothing you can do about it. And in some cases that may be true. Even small business owners can be the target of an attack. Lets face it, even Nufire Marketing was back in May.
Here’s five things you and we can do to improve your website security
Number One – Hackable Passwords
This may seems like a gimmie, but some where sometime you may have an account hacked by a non-secure password. Password with your birthday, kids birthdays or last name are easier to remember. And also easy to hack.
Our hosting services uses a password generator that is pretty much unhackable. They are long, impossible to guess and impossible to remember. Not to mention they don’t mean a thing.
- Use a password generator
- Make sure its strong by checking the password strength
- Make sure that its using letters and numbers and punctuation
- Longer the better
- Change it often (I know this is a pain) but so is getting hacked
Number TWO – Use a password system
Try using a system like LastPass to store all your passwords. That way you only need to remember one password to access each one of yours. You can even share these passwords with others and keep the password hidden from them.
For those of us, like Nufire Marketing, that have hundreds of passwords, this is the only way to go.
Let’s move on to Number THREE – Keep things up to date
Old technology is hackable. And yes a year in realtime is like three years online. Software patches and updates are developed and released all the time. Keep them up to date to prevent the worst of the attacks.
WordPress is the most commonly used website system. But it also vulnerable to the most types of hacking attempts. Keep your WordPress install up to date and all the plugins up to date and you’ll be protected well.
But if either of these get too old your website can be at risk.
Other systems like ModX are inherently much more secure, but not impenetrable. Last pass Modx site wordwide suffered a massive hacking attack.
FOUR – Installing the right plugins
WordPress developers have created additional plugins to help keep your website safe. WordFence is one that we use at Nufire Marketing to keep our hosting sites safe. It notifies us when plugins are out of date or no longer functioning. It also informs us when there has been attempts to hack into your site. Its tracks the IP address from threats and will block that IP from being able to load the site. You can actually see what IP, what county and what they tried to use to guess your username and password.
Number 5 – SSL
We offered a free SSL certificate to all our website hosting clients this year.
But what does an SSL do? You’ll know if a site has one if the domain name says “https: instead of “http” there could also be a lock icon near the browser URL box.
SSLs will help your customer feel better about using your site and that their data can’t be hacked. In most cases, this doesn’t matter, unless you have a shopping cart or collecting user data.
Search engines like Google are ranking sites with an SSL higher then a site without one. So its a good idea to have it anyway. Here’s the nitty gritty on SSL certificates.
Want more? Here’s a list of sites to take a look at!
Written by Avery Nubson
Avery can be reached at avery@nufiremarketing.com