You probably haven’t given much if any thought to ensuring your website is secure, unless it’s been breached in the past or you’re running an e-commerce site. Websites are regularly hacked for reasons such as:
- To re-direct visitors to another site
- To infect visitor computers with malware
- To use your web server as a means to send spam email
- To set up a temporary web server, typically to provide files of an illegal nature
- To mine for Bitcoins
- To change the website content
Website hacking is generally performed using an automated method, which searches the Internet to take advantage of known website security issues that have not been safeguarded.
Here are some basic tips to help keep your website secure. You can perform these tasks yourself, or hire your website designer or IT support company to perform them for you.
- Ensure there is a secure certificate installed on the site.
- All page URLs should begin with https:// , with the “s” indicating “secure”.
- Ensure the WordPress firewall plugin is installed.
- Monthly website maintenance should include:
- WordPress version updates
- WordPress plugin updates
- WordPress theme updates
- Verification that your website is being backed up. A minimum 30-day retention period is our recommendation.
- Update Website Software. Keeping any software you are running on your website up to date is key, since older versions can have known vulnerabilities that hackers will find. This includes the Server operating system, however, if you are using a hosting company, they should take care of applying security updates as needed for the operating system.
- Use Complex Passwords for your website administration area, ideally with dual factor authentication.
If you would like assistance reviewing whether these safeguards are in place for your website, we can help. BSC also provides the above monthly website maintenance services. Contact us today for more information.