Most people know that information is one of the most valuable resources available.
Yet we share so much of it online without giving it much thought.
We are at a point where full industries have grown from sharing all kinds of content (video, images, music, anything!), and people, now more than ever, have not only the access to unlimited information, but also the possibility to connect and share their own creation: Nearly anyone in the world with basic internet access can create their own website.
But most of us don’t stop to think about the potential online risks, like hackers accessing our personal data, or companies trading this data without us knowing.
Whether it is a hobby or a company website, or anything in between, running a website with the right setup — based on your specific needs — is almost like having a personal assistant that available 24/7.
Your site can handle all sorts of tasks for you, like filtering inquiries, showcasing your portfolio, posting (and archiving) all of your writing, pitching your products and services to new clients, processing purchases, sending out newsletters, and much more.
All of these features are vulnerable to hackers who can steal your subscribers’ information, access your accounts, and even use your page to distribute malware without your knowledge.
The possibilities are endless, which makes it a top priority to keep your site as protected as possible.
5 Steps You Can Take to Protect Your Website Today
1- Change Your Login Page
Most people, and all hackers, know that there’s a default login page for website admins.
If your website is hosted on WordPress (it probably is), it’s pretty easy to find this login page: You just have to add wp-login.php or wp-admin to the end of your website.
Change your login URL so that only you know your login page. You can do pretty much anything that makes sense to you here, like www.mysite.com/this-is-my-login.
By customizing this login url, you add one extra level of safety to your account.
Simple enough, right?
2- Keep Your Website Updated
An outdated version of your software can compromise your and your visitors’ data.
Being an open source software, WordPress regularly releases updates, and these updates tend to be installed automatically when they are minor.
However, for bigger updates, it is up to you to keep track.
Make sure to be on top of any updates for plugins and themes on your site to keep every aspect running smoothly, not only for safety, but also to give visitors the best possible experience.
3- Login and User Information
One of the most obvious ways for a site to get hacked is by hackers trying to force their way in through the login and password. And having a strong password is not enough.
With all kinds of tools available, like password-cracking software, you need to guarantee that, if someone is trying to force their way into your account, you will find out soon enough. Make sure that your contact info is updated and your notifications are on for safety situations.
A simple way to prevent unwanted access to your site is to set up a plugin to lock your site and notify you when a username/login combination is used multiple (failed) times.
It’s annoying to get some emails every now and then, but I would rather get those emails than sit down to work one day and realize my website has been hacked.
Another option to strengthen your login process is to use Two Factor Authentication, which means that, besides your standard login information, the system asks you to provide further proof of identity, such as a secret question or a code sent directly to you.
You can also add a plugin to automatically log any idle users out of the page after a certain period of time. This prevents people from entering your site by expiring open sessions.
Usernames Vs Email accounts to Log In
Your username is visible to all your website’s visitors: It usually shows up at the bottom of a post.
Logging in with an email instead, you get an extra level of security since that email can be pretty much anything under the sun.
Remember that email you opened back in 2006? No one would guess that you are Pink_stardust46@coldmail.com.
Select the Best Password
I could write a whole article about passwords, but I won’t (not today, at least).
A weak password is the easiest way for a hacker to access your account. Anything with your name, identifiable dates, or other personal information is a big no-no.
A strong password should have a mix of different characters: upper and lower case letters, numbers, symbols, a word in a different language, or even characters from another alphabet, help ensure that your password remains your own.
Some apps and smartphone widgets generate secure passwords for you with all these elements.
4- Set Up a Web Application Firewall
A Web Application Firewall, or WAF, is a type of firewall dedicated to monitoring, filtering, or straight up blocking, HTTP traffic to (or from) a web application.
This plugin will keep an eye out on the traffic to your site, keeping it safe.
Additionally, consider incorporating a reputable Virtual Private Network (VPN) to encrypt your internet connection, adding an extra layer of security when accessing your website remotely.
5- Get an SSL Certificate
A Secure Socket Layer (or SSL) shows up as that shiny green lock next to the URL in your browser.
This protocol encrypts the information coming into (and going out of) your site, making sure that only the user visiting the website is able to see this information.
This is especially important if you have your users provide payment information (for an e-commerce, for example).
But it has other benefits. It can even help boost your website on search results because it’s seen as a legitimate website, which makes you “worthy” or showing up in search.
A hacked website means a waste of time, effort, and money. Your visitors/subscribers’ data is compromised. Their identities can be stolen. And your company suffers a huge blow.
Everyone who visits your site can be affected by one mistake that makes your site less secure.
The right security settings make your site safe and protect you, your business, and your visitors. Which helps you build trust and have recurring traffic on your website.