While you may not think your website is of value to hackers or vandals, it can be compromised at anytime through certain vulnerabilities. Most of the time, website are hacked not to damage the owner, but to use as a staging point for attacks and email relays for spamming others. Proper website security can help protect you and others online from predatory behaviors.
If you’re a client of Cohlab and have one of our websites, be sure you’re on our maintenance program so we can protect your website. If not, our new Trustdyx websites offer sleek designs without plugins or major security holes, making your business website safer than ever.
Get in touch today to learn more.
Whatever server or CMS you use, keeping software and plugins up to date is extremely important. It might seem easy, but modern websites have many moving parts which interact together. When one piece is updated, it may not work perfectly – or at all – with the other pieces.
While there can be downsides to updating, having a professional take care of it can ensure it’s done correctly and everything continues to work smoothly.
The risk to not updating is that hackers exploit those who don’t update, since so many websites use the same or similar products to get the job done.
You know you should use a variety of complex passwords . . . but, do you? It’s crucial to protect your hosting and website administration area with strong passwords.
Hackers have many ways of stealing or breaking through passwords, from simply stealing and guessing to sophisticated cracking tools and network analyzers.
When considering your password, be sure to use best practices like:
- Minimum of eight characters
- Upper and lowercase letters
- Symbols and numbers
- No identifying information (i.e. name or birth date)
- No keyboard strings (i.e. qwerty or 12345678)
Alternatively, with a Trustdyx website, no password is actually needed. Changes can only be made through a proprietary program, making it even harder to hack.
HTTPS is a protocol used to provide security over the internet. If you look at the top right of many websites, before the “www” will be “https://”. This means no one can intercept or change the content being transmitted between the website server and your browser. Credit card and login pages should all be HTTPS, but soon every page of a website will need to be as well.
Without HTTPS, an attacker could create a visually similar website and redirect your visitors there, and they would be none the wiser if they didn’t investigate further. The attacker could then steal any information they enter into the fake website.
That’s why our Trustdyx websites offer HTTPS standards as part of their website security package, to protect you and your visitors.
Once you think you’ve taken all the website security precautions you have, the best thing you can do is have a good plan in place for recovery. With regular backups, if something were to go horribly wrong at least you can recover your website to a point earlier in the day or week.
With Trustdyx, every time a change is made to the website, it’s backed up. That means if something were to go wrong, we could restore your site to the exact point before an attacker altered it.
Once you think you have done all you can then it’s time to test your website security. The most effective way of doing this is via the use of some website security tools, often referred to as penetration testing or pen testing for short.
The results from automated tests can be daunting, as they present a wealth of potential issues. The important thing is to focus on the critical issues first. Each issue reported normally comes with a good explanation of the potential vulnerability. You will probably find that some of the medium/low issues aren’t a concern for your site.