Too many of us think about security after something goes wrong. With the recent breach of Adobe many of their clients will be rethinking the security of their passwords and data at the moment. How often do you think about the security of your website?
Here are simple tips that will help keep your website secure.
If you can remember your password it is probably not secure enough. A ‘dictionary attack’ basically works its way through common words based on the dictionary, hence the name. If your password does not contain a real word then you are already more secure than most WordPress websites. There is a great post from WordPress.com about creating secure passwords.
Tempting though it is, don’t repeat passwords. If someone gains access to one source you do not one to give them access to other accounts.
Keep the admin email address used to login to your webserver, CMS, database etc. away from the public eye. Use a different address in your contact page. This will add another layer of protection from being scammed by a phising emails disguised as coming from your web host or domain registrar.
Whatever you do to prevent it nothing is 100% secure. Regularly backing up your website will also ensure if you are ever hacked it is easy to return to a clean version of your website.
Do some research and choose a good quality web host. Your website is only as secure as the web servers you host it on.
Some scripts require you to change permissions to give them read & write access while installation. This can achieved by using the 777 code on vital folders like config, admin etc. Always Revert the file permissions back to their original code, say 755 or 644. A file or folder with full read write code gives easy access to inject malicious code in your website.
There are a few interesting security plug-ins for WordPress that can also help to protect your website.
Bad Behaviour – a free plug-in that helps to secure your website and blocks known blacklisted IPs. I use this one on all my WordPress websites.
Better WordPress Security – also has consistently good reviews. However, it is not one I have personal experience of.
There are regular updates to help combat any security vulnerabilities. Always keep up-to-date. This includes updating your plug-ins.
A theme is the design and layout of your WordPress site. A good theme will be flexible enough for you to insert logos and change colour schemes to reflect your brand. It will also be built with security in mind. You can download new themes from directly inside the dashboard of your WordPress site. Always click on the ‘details’ link before installing a new theme to check out its credibility and compatibility with your site. There are a lot of free themes of varying quality.
It is worth spending some time as this will control the design and have major control over your visitors experience while visiting your site.
Plug-ins are extensions to the functionality of WordPress. They can range from inserting code for Google analytics, linking to your social media accounts or even a shopping cart to turn your site into a fully functional on-line shop. There are a lot of free and commercial themes.
Too may of us back-up after a scare and then forget about it. Regularly backing up your website will also ensure if you are ever hacked it is easy to return to a clean version of your website.
With just a few simple changes your website could be made more secure and easily recoverable if the worst happens.
Comments are closed.