Unfortunately, malicious cyber-attacks which target personal computers, IT networks and websites are extremely widespread – and recent high profile incidents, like the WannaCry infection in May 2017 which affected more than 200,000 computers across 150 countries, highlight just how important it is to proactively take steps to tighten your online security and avoid disaster.
Your website is a vital business asset – and if it ever gets hacked, you might find yourself facing a demand for payment of an expensive ransom – and at the very least, a tricky process of trying to get the website secured and back to normal.
Fortunately, there are some easy steps you can take to improve the security of your website and reduce the likelihood of it getting hacked. In this article, we’ll take you through them!
Don’t choose an obvious username
The username for WordPress websites is often set by default to ‘admin’ – so this is the first thing hackers try when attempting to access your website. You should always avoid this and use something less obvious – so that hackers have to guess both parts of your login credentials, not just the password.
While we’re at it, it’s important to use a strong password too. LastPass, for example, has a really handy, free tool for generating strong passwords, and they also offer secure password storage tools – or you can of course just save your website passwords in your browser itself. Chrome and Safari both prompt you to do this, for example. There’s no excuse not to use a strong password these days – since you don’t even need to remember it!
Install a security plugin
Installing a security plugin is very quick and easy, and it dramatically ramps up your website’s defences against attacks.
Two of the very best available are Wordfence, which does an excellent job even with its free version, and Sucuri – which isn’t free but is very powerful and includes access to a support team that will fix and clean up your website if it ever gets hacked – that’s an extremely valuable perk!
Install an anti-spam plugin
On a related note, there’s also a great free plugin called Akismet, which primarily protects the comments form on your website’s blog from getting hit with spam.
Akismet tends to appear in the WordPress dashboard’s list of available plugins by default – but people often miss it or forget about it, and it doesn’t get activated… it only takes 2 minutes, and really makes a difference!
Update your plugins and software
Once your website has been setup for the first time and all the plugins you want to use have been activated, it’s easy to forget about them… but it’s very important not to!
New versions of plugins and WordPress software are released regularly – and they don’t just contain handy new features. They usually include important security-related updates too, which are designed to counter the latest risks and patch up vulnerabilities that could be exploited by hackers.
Look out for the little red circles in your WordPress admin dashboard which show you when new updates are available – and install them as soon as possible. It’s highly recommended that you do this late at night or outside of the website’s peak hours of traffic, just in case a plugin update fails and breaks unexpectedly and some troubleshooting and/or reinstallation needs to be done (this can happen occasionally).
It’s obvious, but vital – you need to back-up your website regularly, in case you ever get hacked or the site breaks, and you need to restore it.
You could do this manually, by exporting the website’s files and databases and saving them on an external hard drive and/or your Dropbox or Google Drive folders for example, but there are much easier and more convenient alternatives!
At erjjio studios, we specialise in building websites using WordPress – an extremely popular, industry standard platform which powers a large chunk of the world’s websites. One of its key advantages is that there’s an enormous amount of pre-built plugins available, to make all sorts of things much easier to achieve.
For example, there are lots of plugins available which make the job of backing up websites nice and simple – the most popular is BackupBuddy.
We’re also big fans of ManageWP – backups can be fully automated so you never have to remember to do it yourself, and at a frequency that suits you (depending on how often you update the content on your website).
If this seems a little daunting…
We understand that your priority is running your business, not your website – and you don’t necessarily have time (or desire!) to deal with this sort of technical stuff – that’s totally normal!
If you’d like us to take the responsibility off your hands and look after it all for you, so everything runs smoothly in the background and you don’t have to worry about it, then we’re more than happy to do so!
Our Web Hosting and Care plans include regular backups, spam & malware protection, SSL security certificates, management of all plugin and software updates, website performance reports, monthly development time dedicated to building new website enhancements, and more!
Get in touch for a chat if you’d like to find out more – we’d love to hear from you.