Cyber Security

Five tips to keep your website secure

Tuesday, 07 March 2017 16:49
Written by Julie Foster

From time to time I like to revisit websites that we’ve developed. For many of our clients, we design and develop the site and “hand the keys” over to them once it’s up and running. Not too long ago, I visited a site that I noticed had garbled text in place of the text that was supposed to be there. My mind immediately jumped to the fact that the site must have been compromised by hackers. I fired off an email to my contact letting them know of the situation. Fortunately, this story has a happy ending that came without too much hair pulling. They were able to restore the site fairly quickly with no adverse effects.

Unfortunately, not all hacked websites are restored as quickly and stress-free. Hacking combines elements of online vandalism and theft. Often files are infected to propagate malware or direct visitors to questionable websites. Here are our five tips to implement immediately to help keep your website secure.

  1. Choose a secure password and update on a regular basis. A secure password is not “password1234.” We recommend using a random series of lower and uppercase letters in combination with numbers and special characters of at least 10 characters. Many CMS platforms require between 8-12 characters – the longer the better. Try using an online tool to test your password strength.
  2. Conduct regular updates of the core CMS operating system files and third party plugins and widgets. Generally, updates are released on a quarterly basis and occasionally more frequently in the event a security issue is discovered. Notices of updates are usually quite obvious when logging in to the backend of the site.
  3. Conduct backups of your entire site including all databases. In case your website is compromised in some way, restoring from a backup is much easier than having to recreate from scratch. If your site changes frequently, we recommend more frequent backups. If it’s relatively static you may not need to update as often.
  4. Set proper user permission levels for people making updates. Not every person who makes updates needs access to every part of the site.
  5. Install reliable third party tools by making sure you select extensions that are reputable and have responsive support. Start by reading reviews to see what others have to say and make sure there is a history of regular updates by the developer.