How can I protect my website from being hacked?

Image of text reading "www."

Having a website is like having a virtual shop front to your business and provides the ability for your visitors to come and browse you and identify possible products and services they may like to buy. However, like a physical shop front, you should ensure you have security measures in place to protect the information that is stored on your website.

1.      Perform regular backups of your website.

Having a regular backup of your website providing you with the ability to have a copy of your website to restore if required. Whilst website hosting providers will often perform nightly backups, there is often a cost to restore these. We suggest at least taking a backup once a month to ensure you have a copy of it at a point in time to restore to if required.

2.      Remove any users no longer required and change passwords.

Depending on how your website was designed, you may have had a previous designer or developer or staff who have had access to your website to maintain it on your behalf. If these users no longer require access to do this, we suggest you remove or change the level of access to not allow them to make changes. Similarly, change your passwords on a regular basis. Passwords that have not been changed for some time may be likely to be compromised especially if they are simple.

3.      Install updates on a regular basis.

Most of the common website content management systems, including WordPress, Joomla and Drupal, all require regular updates, along with any associated third-party plugins, themes and translations. These improve the features, performance and security of the website.

4.      Disable or remove unnecessary plugins.

You may have plugins for your website that you are not using. If you have upgraded your website in the past, you may have plugins installed that were from your older website, or are no longer in use. If you are not sure if you are using them, you may decide to disable these until you determine that they are not needed. However, if you are certain you are not using them, then you could remove these.

5.      Install a security plugin to report security issues.

There are various security plugins available that can notify you when an administrator logs on to your website, users have been blocked (through incorrect passwords when attempting to login or malicious attacks), when files are modified, and when updates are needed.

6.      Consider a website maintenance service.

You may wish to consider a website maintenance service, such as CyberGuru’s to perform the review and maintenance for you, including backups, updates and test your website on a monthly basis. For further details, please see the Website Mainternance Service page on the CyberGuru website.

If you would like to know more how you can protect your website from being hacked, please contact us today.