With 23,000 new malware samples per day and over 90,000 hacking attacks per minute, keeping your website safe is increasingly becoming very important. How would you rate your website security? There’s a great chance that it could get better. There is a statistic that 43% of cyber attack target small businesses which shows how important small businesses should take web security. Lack of website security is a major concern and even big organizations are prone to security breach. With so much people now on the web and things getting complex, it is imperative you know how to protect your website.
1)Backup! Backup!! Backup!!!
Every website owner should have a backup of their website. This is to avoid you from starting afresh incase something happens to your website or not lose valuable data. A hosting company like Garanntor offers backup service for all its clients on a weekly basis
Ensuring to download updates on any software attached to your website is really an important part in keeping your website secure. This may be your server operating system or any other software like CMS. Hackers are quick to take advantage of any security hole found in any software, which can be avoided by installing the necessary updates.
3)Secure Managed Hosting
The more secure your web server is, the more secure your website is. Ensure hosting your website with a company that takes security seriously.
4) Link Clicks
Make sure you are really sure of a web link before clicking on such links. Spammers can use open redirect on your website to redirect web traffic from your website to the spammer’s website using a link that looks innocent. You can check to see if your is not affected by opening google search and typing sitethedomain.com, and replacing “thedomain” with your actual domain.
Of course, it’s no news that complex passwords should be used but not everyone uses complex passwords. Ensure complex passwords are used to your admin and server admin area and also encourage web visitors to use strong passwords as well. This may be done by enforcing password requirements like using uppercase, password length etc. Passwords should be encrypted, using one way hashing algorithm, For advanced web security, you may salt the user passwords.
HTTPS is a protocol that is used to provide security on the internet. HTTPS guarantees that web users are linked to the servers they expect and that nobody can intercept or change whatever they are doing online. It is always highly recommended to use HTTPS, especially when users submit their personal information on your website. Fortunately, some hosting companies like Garanntor offers Let’s encrypt totally free with any web hosting subscription. Let’s encrypt provides automated certificates for enabling HTTPS. Google has also started flagging websites without HTTPS as “not secure”.(Read more).
Website scanners like Siteheck, Sitelock or Secure can help to scan your website for malware or any suspicious codes. If you think your website has been infected, you will want to scan it immediately. It is also advisable to scan your website once a month to be on the safe side.
If you host your website with a hosting company, you may buy additional security for a token if they offer this. EV certificates, Thwarte SSL 123 are good examples of additional security that can be bought.