A question we hear often is how to protect a website from hackers. We’ll be covering five steps you can take to try to secure your website to the best of your ability. Do keep in mind that there are many, many steps required to make your site secure, but these are the some of the easiest, most accessible options for the majority of people.
Here’s how to secure a website – in only 5 steps!
Keep Everything Up-to-Date
While this may seem like common practice, you would be amazed at how many people do not keep their websites, software, servers or computers up to date. Technology is always getting consistent updates for a very good reason, and it plays a major role in how to secure a website. Updates come out regularly because developers have fixes for discovered bugs, or they are trying to make their product better, or because they are fixing minor/major security issues.
Use Strong Passwords
Not only is it important to use strong passwords for your day-to-day accounts, but it’s also extremely important to use them for your servers and admin account log ins. As we’ve covered in the past, your password should be at least 8 characters in length, have a capital letter, a number and a special character. If you’re unsure about the strength of your password, Kaspersky has a password tool that will tell you how long it would take a hacker to steal your account. Don’t worry, they do not log or collect any of your information, it’s purely for educational purposes! You do not want to utilize common words or sequences. For example, Password1234 (Can be hacked in 2 hours) or even Password1@3$5^ (Can be hacked in 2 months) are both terrible passwords despite how complex they both should be all because of the use of the word “Password” and because of predictable sequences. Try to make your password as unique to you as possible, something that only would make sense to you, and not a password you think there’s even a chance that someone else might use.
Utilize SSL (HTTPS)
Having SSL implemented on your website is definitely one of the best network services you can have to help with how to secure a website. In the same article referenced before, we mention why you would want to use SSL (Secure Sockets Layer) as a consumer, but we do not really touch on why this is important for you to utilize as a business owner. This is the point in the article where you really need to start examining your website, and business, as an outsider. “If a complete stranger had access to this portion of my business, would that be OK?” How this ties into SSL is because, without it, anyone with a little technical know-how would be able to see all the information that is being passed through that website by your customer if they are using the same internet. For example, both of these people are using the same WiFi network at Starbucks, or a Marriot Hotel. While obviously, we do not want any information to be leaked, some information is more important than others. It all depends on what type of site you have, really. If you require a customer to type in any personal information, or you deal with credit/debit transaction, then SSL is a must-have. Not only that, but not having SSL at that point is a blatant disregard for your customer’s privacy and trust. Another benefit to SSL is that it can help your website be found within Google Searches, as it is a major factor when it comes to your website’s ranking.
Lock Down Your Permissions & Files
This is where I might lose you, but if you request help from your website host, or IT team (or you could even contact us to help you) then you should be fine. This falls in line with step 3 of giving people what they need. If an unregistered user or non-personnel member does not need access to particular files or folders, then you are going to make sure that they cannot be accessed by particular users/groups. To do this, it depends entirely on your website host. Some hosts have a control panel you can manage, whereas others might require you have a FTP (File Transfer Protocol) program setup.
Always Backup Your Website
While this should go without saying, again, you would be surprised how many people do not diligently back up anything that would be considered important. If you need managed IT Services to get you started on this, as well as maintaining your entire infrastructure, please do click here to see what all we can do for your business. Not only should you be making multiple backups of your infrastructure, but you should be making multiple backups to multiple places. If someone were to hijack your website, you would easily be able to restore it back to its most current state.
Hopefully, now you have a better understanding on how to protect your website from hackers!