The Internet helps every business connect to potential customers all around the world. No wonder everyone is getting their businesses online. And this is just the beginning, as our personal lives will become even more dependent on the Internet.
However, this wonderful trend comes with some risks. As more and more of our businesses and details get online, they become even more vulnerable to hackers who may gain access to insecure facilities and retrieve very private data.
Have you been following the Panama Papers saga? According to WordFence's blog, Mossack Fonseca was probably breached due to an outdated Revolution Slider plugin on WordPress! Can you imagine that? This scandal has led to some embarrassment for top officials, and even some resignations, and was probably due to outdated plugin!
I cannot over-emphasize the importance of keeping your site safe, updated and secure. In many cases, your site may have even been compromised and you may have no idea it has been. Some hackers are interested in using your site to send spam mails. Others however, may be more interested in causing your business even more harm. If your online business is very important to you, you will take care to read this article.
How do I protect my site?
Many have said that the process of keeping your site safe is not one-time, and I agree with this. You will however be shocked that some basic daily habits could save most sites from getting compromised.
Here are a few tips you can start with.
- Strong Passwords: You will be tempted to use a password that you can easily remember. Easy to remember passwords can also be easily guessed. As a rule of thumb, never use a password that contains words in any dictionary in any language! You can use a site like strongpasswordgenerator.com to generate really strong and unique passwords. A strong password will have the following features
- It will be eight or more characters long
- It will contain alphabets, numbers and special characters such as (@#$%^%&*)
- It will also be a mix of uppercase and lowercase alphabets
- Unique Passwords: Don't use the same password for more than one site. As if point 1 was not complicated enough. This is really important because if you use the same password everywhere, then if someone has this password, the person has access to ALL your online identity and I am sure you don't want that. You may use solutions such as dashlane.com to keep track of all your passwords.
- Two Factor Authentication: Whenever possible, enable two factor authentication. Two factor authentication further secures your system because anyone who knows your password would have to additionally provide a code that only the person with an authorised device can generate. Most Nigerian banks use this to further secure online banking. You click here to learn how to enable two factor authentication on your clientarea. WordPress users may click here to learn how to further secure their blogs with two factor authentication If you use GMail, you may also click here to learn how to enable two factor authentication.
- Update Your Scripts: After building a beautiful site, you are tempted to believe that you only need to update the content on the site and you are fine. That is however far from the truth. WordPress sites have become targets of hackers and in many cases, the reason they get in is because the WordPress installation or plugins are outdated. Regardless of the scripts you use to power your site, you need to ensure that they are always updated. The developers usually release critical patches to close up bugs or security loop holes that hackers take advantage of. So if you run a business and don't have someone managing your site for you, you probably should reconsider that.
- Install Security Extensions: Popular blogs such as WordPress have security plugins and extensions that can help you in securing your site even further. I will recommend iThemes Security plugin as it does a fantastic job in securing your WordPress site. You may click here to learn how to get started. The free version is awesome enough for you. Also ensure you follow security tips from the developers of the script you use.
- Use HTTPS: When you visit a site that starts with https, it means that every communication with the site is encrypted such that someone who intercepts it cannot easily decode the message. This is especially important if you will be logging in or performing transactions that should be secured and private. If you have a site with a login page, then you need an SSL certificate. You can get one from here. If you are hosted with us, we will even help you configure the certificate (as long as it is Domain Validated, DV). If you are not hosted with us, check our knowledgebase to learn how to get started.
- Scan Your Site: I am sure you have an antivirus running on your laptop or mobile device right now. If you don't, then you should! It is also a great idea to have a scanner, checking your site for malware and loopholes and alerting you when something suspicious occurs. We will recommend SiteLock as it is a complete solution that should work for you. It does not only scan, but it also removes malware and alerts you on security loopholes on your site. If you are hosted with us, we will be glad to help you configure SiteLock for your site after purchase. If you are not hosted with us, the process of configuration is simple. Just follow the steps highlighted here.
- Backup Your Site Regularly: What if your site gets hacked? In some cases, hackers have deleted important content that cannot be found elsewhere. What do you do then? Don't wait till that happens. We STRONGLY recommend CodeGuard, a new introduction to our security offering. CodeGuard helps to backup your site incrementally, such that you can restore your site from any period. It works great with most hosting panels and support Content Management Systems such as WordPress and Joomla. It is very easy to setup and we have a rich knowledgebase to guide you through the process. If you are hosted with us, we will be glad to assist you with the configuration.
There really isn't a single solution that will protect your site. I will recommend you consider all the options stated above, especially point 8.
If you have any inquiries, feel free to contact us.
