While the recent cyber attacks are on everyone’s mind, I wanted to send out a few easy minimum-security tips to keep your website safe.
1. Your login page should be secured using SSL
You should see the green lock in the address bar for your browser. And the address should start with “https”. Here’s what that looks like:
You should see this on the login page for your website or any other page where you enter information on the internet. If you see this, it means that the page is encrypted and that hackers won’t be able to easily see what you are typing on the form.
All of our shared hosting plans come with a free SSL certificate, but your website needs to be configured to use it. If you haven’t done this already, contact us today to get it configured.
2. Your software should be up to date
The recent ransomware attacks around the world were perpetrated on computers that had not installed the most recent security patches. The fix for this security vulnerability was available in March. But the hackers knew that not everyone would get around to updating their software.
This is exactly the same approach that is taken to hack WordPress websites. If your site’s software is up to date, the risk of a hack is dramatically decreased. If you are already on one of our Managed WordPress Security plans, you’re safe. If you are not sure if your site is up to date, contact us today.
3. Backup, Backup, Backup (Off Server)
If you do get hacked, recent backups are your best line of defense. Inspecting and removing a hack can take hours, if you know what you’re doing, or much, much longer if you don’t. If you get hacked, the quickest way to get your site back is a recent backup.
Make sure your hosting account has backups of some kind. If it doesn’t, make sure you are downloading a backup regularly. Check with your host because while some offer backups as part of the normal hosting plan, other charge extra for it.
Off-server backups are also important because there is no guarantee that the server your hosting on will run perfectly forever. Find out from your host if they are using RAID drives and have off server backups. If not, install a plugin like UpdraftPlus WordPress Backups that allows you to schedule nightly cloud backups to Google Drive, Dropbox, Amazon S3 and more.
Check out this article on How to Encrypt Your Entire Digital Life in Less than an Hour