Website Security Tips

Up Early Designs

In a recent post, Website Security, we discussed security as it pertains to your website. Though the subject is broad, we went into some detail on the subject.

Today, let’s dig a little deeper with some specific website security tips. Or if you prefer, have us handle this task with our Website Monitoring service.

Website Security Tips

The following items are not an end all. There is more to ensuring your website security than these steps. But, they are a good start.

It should also be noted, no matter how secure you think your site is you are never 100% secure. If someone wants to gain access to your website and has the determination and resources they’ll get in.

It’s a simple reality and a sign of the times.  But at least you can drastically improve the overall security of your site. And greatly reduce the ability of someone gaining access for malicious reasons.

Software Updates

Updates come out all the time. Especially in the case of WordPress, since 30% of sites use their platform. As soon as WP identifies a threat they develop a “patch” and push  out a new version.

So you need to stay on top of this. Checking your site once a week or once a month is not sufficient. You need to check daily. And as soon as updates come out, push them into production.

Plugin Updates

Similar to software updates with the WP platform, plugins also update regularly. And need to be pushed live. Plugins are not limited to WP but used across many other platforms.

So check daily for these updates. Many, such as e-commerce type of products will update daily. Sometimes multiple times per day.

Login URL

If a robot knows the address of your login page, they will do all they can to gain entry. In the case of WP, the login address is pretty standard. That’s not a fault of WP as the files come pre-packaged. Addresses are automatically set.

There are ways around this though. You can do a custom installation. Or the easiest is to change the URL, or path, of the login page.

Though this won’t prevent unauthorized entry, it helps a lot. Since there are three pieces to gaining access, location of the login page, username and password.

Login Credentials

The two remaining pieces to reduce unauthorized access to your website deal with login credentials or your password and username. Give those away and your website’s front door is wide open.

Don’t use common terms that someone could easily guess. In the case of WP you can’t use the word “admin” nor should you use something like your email address or name.

With passwords, it’s strongly recommend to use an online tool that generates a very secure password. Full of case sensitive alpha numeric characters.

And don’t use the same password for your website that you use for everything else.

Conclusion

A little diligence will go a long way. But it requires diligence. Maintaining a somewhat secure website is a daily task. Though no guarantees, with some effort you can greatly increase your website security.

If you would like Up Early Designs to manage this for you, please visit Website Monitoring or to learn more website security tips, please contact us. 

Categories

Archives