When a website gets hacked its not just your website that threatened its your whole business, a website that is hacked is quickly blacklisted resulting in no website traffic, but what is often overlooked is as your domain name is a blacklisted this impacts your emails. The end result being a disaster if it goes on for too long, this is why being hacked is a fear almost everyone that has a website experiences, no matter how large or small your business is.
Here are a few tips to help you prevent a website hack.
Create Hard Passwords for Your Logins
Passwords should be 16 characters and include uppercase, lowercase, numbers, symbols, and spaces. In addition, ensure that you don’t use the same passwords for everything. Then you should change them often, approximately every 90 days.
Keep Your Site Backed Up
You should back up your site every single day. Plus, back it up before you change anything and then again when you know the changes are working. Keep multiple backups, because you may not notice a problem with your site and accidentally have an infected backup.
Purchase a Monitoring Service
There are numerous services that help tremendously with keeping your site safe from hackers. Solutions like eSecurityToGo is a good choice, as is SiteLock. Look for something within your budget. Ask your colleagues if they know someone.
Review Custom Code
Sometimes custom code can come with some serious security issues and ways for hackers to break in. Check all custom code to be sure it’s secure. If you outsource this, ask that they ensure it’s secure and to explain to you how it’s secure.
Some people buy or use free plugins, apps that add functionality to your website, and they can leave holes for hackers to exploit. Check to ensure that your plugins don’t offer openings for hackers.
Update to SSL
If your site doesn’t have an “s” after the HTTP, then you’re missing out on some security for yourself and your customers. Be sure to upgrade as soon as you can to SSL. Ask your hosting about it.
Toughen Access Control
You don’t want too many people to have admin access to your website. Lock that down so it’s just a couple of people who need that type of access. The fewer times you share that information, the better.
Install Security Apps
There are many apps you can install that tighten up security. For WordPress, you can install Wordfence, Sucuri Security, and others. Check with your theme maker too, as they might have their own plugin that works best with their theme.
Wordfence – https://wordpress.org/plugins/wordfence/
Sucuri Security – https://wordpress.org/plugins/sucuri-scanner/
Hide Admin Pages
Don’t make admin pages or login areas visible to the public. Keep them private by giving them a link that only the people who need access know, instead of keeping it /admin.
Update Everything Often
It’s important to update your website, any special code, apps, plugins and so forth to close any security gaps. Most updates plug holes in security, while some of them improve functionality.
You can keep your website safer but if your site gets hacked anyway and its impossible to stop hackers, it’s best to have a clean backup of your website, that way you can easily restore the website, fix however the hackers got in and be on your way.
If you need help, you can contact me… for my clients all websites are backed up daily, with a monthly backup help as an archive to ensure a clean copy is always available especially when combined with a monitoring service and malicious code removal service.