Ok, ok, I get it. I know it won’t happen to you – never does. Until the day when your site gets attacked, and they pluck user data right out of there, and Google shows you some love and blacklists your now infected site.
Doesn’t that say it all? It’s what happens when you let things like website security slide too long and the inevitable happens. Don’t make this happen to you because all the work you put into getting your site ranked high in the SERPs is suddenly a waste of time.
Let’s get down to the nitty-gritty here. It doesn’t matter if your site is a safe little blog with a few loyal readers or it is humming along with a million pages and growing. Data leaks happen, and personal information is out in the wild, up for sale to the highest bidder. Don’t let that be your site, or at least say that you tried.
Hackers make their living exploiting security holes in sites and installing malware and transform the computer into a spy bot in a few minutes, and send user data back to themselves, or destroy your site’s database, or worse, use your server for DDoS attacks. I know you see the risk you’re taking by not paying attention to your website’s security.
Preventative Steps That Work
I hope this goes without saying, but I’ll say it anyway. Keep all your software updated! It’s a simple thing to make sure you don’t open yourself up to a security breach because you forgot or didn’t care to take the time to update your site’s software.
It’s your job as the webmaster to make sure your site is clean and tidy. Be like WordPress and Joomla. They work 24/7 to make sure nothing gets by them. If they sniff out a vulnerability, you can bet they’ll be sending out an update today. They rarely miss a beat, so show some respect and install the update.
If you’re using a CMS, clean out old plugins immediately and make sure existing ones get updated as soon as an update shows up. That is, don’t wait for them to tell you. Check for updates every day or more because it’s that important.
There’s no excuse anymore for not securing your site because it’s almost effortless. Go online and use a website security scanner for your site. Let the software do the work and find security holes where hackers look for a way into your site.
The software notifies you of breaks in your security to give you time to repair it before it’s too late. Scanners also look for the latest vulnerabilities as they come about, which is a daily occurrence worldwide. That means you’ll know about pressing fixes or updates hot off the press so you can stay days ahead of hackers and stop their disgusting attacks dead in their tracks.
Secure Your Computer
Don’t rely on updates as your only line of defense. Install a web application firewall for protection to stop attacks by doing what firewalls do such as filtering incoming traffic and a long list of other techniques used by hackers to sneak their way into your system.
Modern firewalls use the Cloud instead of hardware to provide protection. Since moving to the Cloud, prices have fallen so just about everyone can afford them, and lately, renting a firewall is now a realistic option. You won’t have to spend a small fortune on servers or other expensive appliances. As I said, protection for your site is now almost effortless.
HTTPS
You should already know what HTTPS stands for and how important it is for site security. In case you don’t, it stands for HyperText Transfer Protocol Secure. The protocol means information sent from your site to a server gets encrypted with TLS, or Transport Layer Security, or SSL, which stands for Secure Sockets Layer.
Most browsers notify users if a site doesn’t use TLS or SSL and will flag it as not secure. That’s a big turnoff for users, and a red flag to Google for ranking purposes. Don’t wait any longer if you’re serious about protecting your data and your users’ data. Make the switch to HTTPS now.
I Repeat – Change Your Passwords!
You’ve heard it a thousand times. Don’t use the same password on multiple sites. Also, don’t use wimpy ones, either. Use robust and complex passwords and store them in a password manager. Don’t be afraid to use passwords over 60 characters and allow for all symbols and letters. Hackers say 63 characters or more are nearly impossible to guess with even the most sophisticated password sniffing software. Don’t give them an open invitation to break your site and change your passwords often.
Website security isn’t rocket science, but it takes more than a passing thought to protect your users, their data, and your data, too. Take the time necessary to make it happen. Start with a website security scanner to see where you stand and fix what’s broken. But do it quickly, before you get stuck making excuses and living a life of regret because you cost your company a fortune.