Top Things You Can Do to Help Improve the Security of Your Website
Below are several different precautions you can take starting today to help protect your website from hackers and attackers:
Update to the Newest WordPress
For those who did not hear, just last week WordPress launched the new version of WordPress, version 4.2.4, which is considered a security release for all of the previous versions of WordPress. You can find the official announcement here, where it discusses six different security issues the update will fix. In general, the fixes include:
- A potential SQL injection that could be used to compromise a site. This allows a hacker to change the information on the back-end of your website, which could include your content, user information, passwords, etc.
- A potential timing-side channel attack. This refers to an attack that could occur at certain times during the day or as your website is working during a vulnerable state.
This may not mean much to you if you’re not a developer or overly familiar with different hacks, but those at WordPress actually discovered these vulnerabilities (and their names are mentioned in the article.) You can update by visiting your Dashboard in the admin side of your WordPress and then finding the Update Now tab.
Change to HTTPS
Back in August of last year, Google actually announced that websites who used HTTPS, or a secure website, would get a boost in rankings. In the past, using the HTTPS was really only necessary for companies that housed confidential information (banks, lawyers, schools, etc.), but this quickly changed. It has now become a way to really keep all sites secure and not something that is optional for some sites (technically it is still optional, but it shouldn’t be!). Google wanted the Web to be safer which is why they offered a boost in rankings for secure sites, so it’s clear that this move makes a difference. In short, if a website is using HTTP it means that the data is not encrypted, meaning there is information being sent across the Web in plain text. This makes the information much easier to find and read. If you have an HTTPS connected with your site, you’re making it much more difficult for hackers to attack. You can learn how to change your site from HTTP to HTTPS here from DesignModo.
Your Password Matters
In addition, it’s also worth mentioning the importance of secure passwords. Believe it or not, hackers do have a way of guessing your password, so if your password is full of random characters, letters and numbers, it will take much longer to crack (and in many cases, it can’t be cracked). Make sure WordPress thinks your password is strong. The best part about this is that it’s so easy to make a change. Reset all of your passwords immediately!
Limit Your Number of Login Attempts
With WordPress particularly you can limit the number of failed login attempts from the same IP range. This means that if someone doesn’t get your password right after three tries, they’ll have to leave and go somewhere else before they can try again. Naturally, this makes it much more difficult to hack your site because they simply don’t have enough time. It’s true that hackers can use different IP addresses to get around this security block, but it’s still better than nothing and will limit your risk to only the most advanced hackers. You can set this up by installing the Login Lockdown plugin.
Think About Your Host
Your website host could actually be a huge security issue, and, according to a Torque Mag article, 41 percent of websites are hacked because of a vulnerability in their hosting service, making it the biggest security weak spot for websites. Look into the security that all of the different hosting options provide and make sure to choose the one with the best features. This may cost you more money, but it will be worth it in the end.
Use a WordPress Security Plugin
Chances are you have this already set to go, but this is also something that you need to update when an update becomes available. Again, there are new hacks out there everyday, so the updates protect you from the most recent (and then most common) attacks. Fortunately there are lots of WordPress plugins you can install to help keep you protected. You will find Firewall, Hardening, and Scanning and Tracking protection plugins, so it’s best to get a plugin that focuses on all of these different types of protection. You can learn more about the right plugin for you here. In the end, security is all about staying up to date with the latest updates and always backing up your information in case something does happen. The tips above are some of the most important things you can do to stay secure that won’t be difficult to implement, but of course there are more options that bigger sites should take into consideration. I recommend checking out this article for more advanced ideas. How do you keep your website secure? Let us know in the comment section below.
Republished by permission. Original here.
Deadbolt Lock Photo via Shutterstock
More in: Publisher Channel Content