Cybersecurity has been all over the news in recent years, and for good reason. With large companies like Equifax, Lyft, and Facebook getting hacked, millions of people have had their personal information compromised.
If you think that your business website is safe because it’s not big enough to be targeted, you’re wrong. There is no job that is “too small” for hackers. They want data and they don’t care where it comes from – and small businesses are often an easy mark.
In fact, a recent study from security firm Sitelock revealed that the typical small business website is attacked 44 times a day and software “bots” are visiting these sites globally an average of 152 million times a week. Yikes!
So what can you do to keep your site safe? There are lots of different hosting platforms out there, but for the purposes of this blog, we’re going to focus on WordPress.
Let’s jump right in:
Install A Quality Website Security Tool
There are a lot of different security packages which allow you to scan your website or blog for malware, trojans, viruses, and online threats. Many of them are completely free. WordFence is one that we recommended.
Once you’ve installed the plugin, it constantly scans all of your files, themes, and plugins for malware infections. If it finds any sort of threat, it will notify you immediately. And, as an added bonus, it claims to make your site 50 times faster and more secure.
Restrict Access To Your Website
Admin access to your website isn’t something that should be granted to just anyone. In fact, there are probably a very limited number of people who actually do need it (typically only you and your web manager). If you need an employee or contractor to make changes to your webpage or blog, there are other levels of access they can be granted – without access to all of your confidential information.
Install A Firewall Plugin
When you install a firewall plugin, it applies a set of rules to HTTP conversation. These rules help protect your site from hacking, brute force and distribution denial attacks. There are dozens of different options available for WordPress, and many for little to no cost – so there is no reason not to protect yourself.
Always Run The Suggested Updates On Software and Plugins
Whether you run a website or own a computer, you receive update notices on a regular basis. Often, those updates contain fixes for known security errors or vulnerabilities in the system. And when you don’t run them, you leave your website vulnerable to hackers.
We understand that life happens and sometimes these things just slip your mind. Luckily, WordPress makes it easy to keep things up-to-date. Plugins like WP Auto Update Plugin automatically update all of the plugins on your site, with no setup required.
Hide Admin Pages
Just like admin access, your admin pages don’t need to be available for everyone. In fact, it’s where all of the important information is kept – so you want to keep it as hidden as possible. To do that, mark those pages as “invisible” so they’re not picked up and indexed by web crawlers, and give them a name that’s not easily recognizable (definitely not “wp-admin”).
Keep Everything Backed Up
Last, but not least, save everything you do. In the event of a catastrophic loss, you want to be able to restore your site to exactly where it was before the loss. Creating regular WordPress backups is the best thing you can do for your website. Backups give you peace of mind and can save you in an unforeseen circumstance when your site gets hacked or you accidentally lock yourself out. There are several free and paid backup plugins for WordPress, and most of them are fairly easy to use.
Bottom line: all it takes is for one crafty hacker to gain access to your site and – poof! – all your hard work is destroyed. Even worse, your personal information and that of your clients may be compromised. All it takes is a few simple measures to keep you and your site safe.
Reach out to learn how InMotion Hosting can assist with bringing secure hosting for your website.