If you have a website, it can become such a headache if it gets hacked into. It not only makes you paranoid, but it puts many businesses main source of leads at risk; potentially taking your website offline for an extended amount of time until you can get the site back up and running.
To make things potentially even worse, when your site is hacked, Google flags it as a potential threat for anyone who attempts to visit it. Just what you need when a potential lead may be on the hunt for your product of service.
While I love Google for this warning message as a consumer, as a business and website owner, the thought of potentially chasing away leads makes me break out into a cold sweat. This not only looks bad, unprofessional, and untrustworthy to your customers, it can be a time enveloping hassle to get the issue straightened out with Google.
So why not do your due diligence and try your best to safeguard yourself and keep your website safe from hackers.
Where it may be impossible to fully protect your website and computer systems from hackers, there are a few very important things that you can do to slow them down.
1. Change Passwords Frequently
One mistake people make is that they use the same password for twenty years and they use it for everything. It is understandable that people do this, because who really wants to memorize 20 different passwords. Or even worse, 20 different passwords only to change them all and remember it all over again.
The issue is that if someone hacks into one of your accounts, let’s say e-mail, they can hack into any other account that uses that same password. If you use that password for every account you have, you could be in serious trouble.
The best way to reinforce the importance of changing passwords is if you understand one of the most common forms of website hacking. Brute force repetition.
Brute force repetition is about overpowering the computer’s defenses by using repetition. They use a program that will generate hundreds of thousands of combinations until the program stumbles upon the perfect number and character combination to gain access.
So, if you change your password every few months, if they do finally guess the right one, you will have changed it already.
But be aware of one important factor with your password changing. When you do pick a password make it difficult to guess. Using your name and birthday is probably not the best idea.
Ideally you should use a combination of letters, numbers and special characters. If you have trouble remembering your password make sure you write it down and keep it in a safe place that only you can find.
2. Back-Up Your Website
Just about the very best safeguard that you can set in place is the simple act of making sure that your website is backed up. Backing up your website won’t prevent it from getting hacked, but it will prevent you from losing any information in the event that it does. It also makes the process of getting the site back online much, MUCH faster, making the potential weeks of downtime minimal compared to if you didn’t have a back-up.
You can back-up your site a multitude of ways, including just on a DVD, flash drive, external hard drive, or even in the cloud. But what’s most important is having the right things backed up.
Backing Up Your Core Files
The first important part of a correctly backed up website is what is contained with-in your websites server through FTP (File Transfer Protocol). This includes the physical files and coding that make up a standard website.
This can be done by logging into your web server through some FTP software like filezilla. But if you have a CMS, which the majority of quality websites are now a days, what’s contained with-in your FTP is not the only thing that you must backup.
Backing Up Your Database
A CMS, or content management system, normally works in conjunction with a database that it stores all of its data in. Backing-up databases do vary depending on what your database is…based in, so you need to find that out first. The easiest way to find that out is through the great web tool BuiltWith.com. It will provide you with every scrape of info that you would need to know in terms of what your site was structured with.
If your database is mySQL, which would include the majority of major CMSs, you can back up your website through your site’s C-panel or your web hosts backend administration system.
But be cautioned! It’s best to either have your web designer or host do this. That or at least have someone who knows what they’re doing walk you through this once or twice.
No trustworthy web designer or someone with the right knowhow for you to call upon? Don’t be dismayed! (Other than calling us) If you have an open-source CMS like WordPress, there are normally a plethora of free plug-ins available to you. For us, our favorite wordpress plug-in solution is Updraft Plus. But once again, even with a plug-in, it’s always best to allow someone with experience do it for or with you.
3. Stay Up to Date
Updating your website software is vital to be protected. This includes both your web hosting software as well as any type of system that you have.
I’d argue that the best web-based systems are open-source. Your system probably is. Open-source systems allow for giant communities to develop awesome, flexible, and comprehensive systems and languages. And best yet, they’re free!
But one of the slight downfalls of open source systems is that same thing that we all love. The fact that everyone has access to it.
That term ‘everyone’ includes those very hackers that we despise. They are always looking through these open source systems for holes in their armor.
But hackers aren’t the only ones! The open-source community is as well. Updates are many times the result of these efforts. It means that they’ve found a potential weak point in an open-source system’s defenses and repaired it.
If you aren’t applying updates regularly, you are setting yourself up for attack. When an update is available you should usually be alerted. (Or click here to subscribe and we’ll let you know!).
To ensure that an update is applied every time, you should download the updates as soon as you see the alert. Sometimes it is tempting to save it for later, but many times we forget and these needed updates will accumulate, making you more vulnerable for an attack.
It may be a good idea to check monthly that everything is up to date just in case an alert did not pop-up or you happened to skip over one.
(CAUTION! Make sure that you always backup your systems before an update. An update always has the potential to conflict with some piece of code on a site.)
4. Have a Reliable Hosting Company
A good hosting company is your first line of defense against a potential hacker. It won’t completely protect you, but it can definitely be a good starting point. Good hosting providers try their best to protect all of their websites from being compromised by the use of firewalls and updated software.
For instance, the hosting service that we provide here at Cimetta Design includes an entire FTP and Database system backup. That way, God forbid anything happened to your site, hacking included, we could have your site backup in less than 24 hours.
Even with that being the case, it is still up to you to create a secure password and take the right steps to ensure your site’s protection.
5. Sign-up for Google Webmaster Tools
Google Webmaster Tools are an awesome free service that allows you to see what is being indexed and keep an eye out if anything looks suspicious.
Having an account will alert you to malware threats so you can then take the proper precautions and prevent your site from being hacked in the first place. If you still happen to get hacked, a Google Webmaster account will help you get up and running much faster.
6. Be Careful Which Add-ons and Downloadable Plug-ins
If you are adding any type of widget or plug-in to your website make sure it is reputable and is secure.
Read reviews before installing any type of add-on to be sure you really need it and there are no major problems with it. It’s also always a good idea to run it by your web designer or host.
Many hackers use these insecure plug-ins as a gateway to compromise your entire site.
7. Use Encrypted Services
Encryption is a way to keep your information hidden from hackers. Consider using a more secure e-mail and file transfer system. Whenever you are sharing information that hackers could use against you, encryption may be a way to prevent anyone from stealing it.
For more information on encryption, read this really in-depth article on howtogeek.com.
Better Safe Than Sorry
Just like the grand expanse of ramparts that you had to bring up in order to sufficiently protect you and your company legally, these are the shields to help defend your most important marketing asset – your website.
It’s a lot, and it’s complicated, but we’re always here to help! Give us a call at 954-680-4584 and we can help find you the best safety measures for your online system.