- Canada's Leading Web Hosting and Domain Name Provider
website security

How to Make your Website Secure: Protect Your Content in 2018

“It can’t happen to me” is how most website owners think of hacking attacks and computer viruses. But one thing is certain – website security matters. And literally any site, regardless of its size and niche, can be hit by various threats.

But even if you’re a complete beginner, you can successfully protect your web property. Just follow our straightforward tips on how to make your website secure, and do let us know if we could help in any other way!

Tip #1 – Update your site regularly

Whenever you get an “update available” notification, do not ignore it. As soon as you can, be sure to update and/or upgrade your site script, to fully enjoy the newest features. It’s indeed quick, but the vital step to website security. Keep in mind that the new version of your web script also fixes bugs and errors, which can improve your site’s performance.

Tip #2 – Keep your passwords strong and updated

To further enhance your website security, make sure all your passwords are strong. What does that mean? Well, avoid using your birth date, name and similar easy-to-guess words. Utilize the power of numbers, but also add special characters, including both lowercase and capital letters. Finally, remember to regularly change all passwords connected to your website’s services.

Tip #3 – Invest in privacy protection

When you’re buying a domain, most providers offer an additional layer of protection (some even offer it for free). So consider hiding your basic information, to prevent scam emails and other threats. Would you stand in the middle of the street, yelling out your personal, confidential data to everyone? You’ll agree there’s no reason to do the same online.

Tip #4 – Delete your site’s installation folder

Once your website is installed, set, and running, feel free to delete its installation folder. Besides the fact you won’t need it anymore, such a step actually adds to your site’s security. How? Well, hackers could remotely access your computer, run the file, and from there – gain control of your website. Therefore, either rename or delete the folder to stay safe.

Tip #5 – Make plugins work for, not against you

If neglected or poorly chosen, plugins could harm your site. But on the other side, a wise choice of plugins can add an important layer of security to your web property. Focus on those who boost the functionality of your site’s script, without burdening and slowing it down. Also, keep all of your plugins up-to-date and don’t hesitate to remove any suspicious ones. Better safe than sorry.

Tip #6 – Educate yourself on web security

Each day, hackers, spammers, and various scammers discover new ways to attack websites. Despite the fact we can’t control everything, there’s still a lot of steps we could take to protect ourselves. Do your best to read the leading tech blogs, learn all you can about new threats, and then focus on what you can do to secure your website.

Tip #7 – Use the SSL certificate

This one is crucial. Basically, your credit card information, usernames, passwords, and all other sensitive data should be hidden. And with an SSL certificate, your data becomes wonderfully encrypted. This means your information will be protected from malicious sources, and visible only to the server you’re communicating with at that very moment. So, make sure you’re conducting all confidential actions (purchasing, signing-up, and similar) with an SSL certificate in place!

Tip #8 – Stay in full control

It might seem easier to let others manage your web properties. But we warmly advise you to stay in complete control of your website in order to keep it secured. A third party, such as a marketing agency, should definitely have access to some parts of your site. As the owner though, make sure you’re the only person having a full access to an account.

Are you using WordPress to host your site? Here are some tips for specifically securing your WordPress site:

Securing Your WordPress Website

Using Monitored Firewalls

When looking for a hosting provider – make sure they have strong monitored firewalls set in place internally.

This ensures the servers where your WordPress website is hosted are protected and being watched over for suspicious activity.

In addition to having the server firewalls up and running, ask how often the hosting company updates their server software to close potential exploits.

At CanSpace we monitor our servers and client accounts 24/7. This helps ensure the utmost level of security.

Using Web Application Firewalls

In addition to server firewalls, securing your WordPress website can be done with a WAF (accessible from your cPanel).

The best hosting companies will provide this. We base our WAF on OWASP rules. Which helps prevent attack attempts to web software.

It is especially powerful in securing WordPress websites, Joomla etc.

However… Since this isn’t a legal requirement to be a hosting provider, most don’t bother to set up a WAF. So remember to ask the hosting company you’re checking out if they do or not.

Securing Your WordPress Website with Plug-ins

There are a number of awesome, free plug-ins you can check out and install to ensure, without a shadow of a doubt, that your website is protected.

Some of our favorites are…

Limit Log-in Attempts

protecting wordpress security with limited login attempts

This plug-in limits the amount of times a person can try logging into your site before being locked out.

Limiting the login attempts helps secure your WordPress site by ensuring hackers can’t run password cracking software to try and get into the back-end of your website (which does happen).

All in One WP Security

wordpress security plug-in

As the name would suggest, All-in-One WP Security does a number of things to help secure your WordPress website. Primarily it…

  • Checks for exploits and vulnerabilities
  • Implements security updates automatically to fix security issues
  • Gives you a visual “scoring” system so you can see how protected your site is

BulletProof Security

There are too many features to list here, but BulletProof Security is a great plug-in to protect your ass-ets.

They help secure your WordPress website in a number of ways – similar to “All-in-one” but more extensive in their features.

So, are you looking for a hosting provider that will ensure your website is fast, reliable and secure? Sign up today. We’d love to get you online (and keep it that way!)

 

Conclusion

Here are our top 8 tips on how to make your website secure in 2018 and beyond:

  1. Update your site regularly
  2. Keep your passwords strong and updated
  3. Invest in privacy protection
  4. Delete your site’s installation folder
  5. Make plugins work for, not against you
  6. Educate yourself on web security
  7. Use the SSL certificate
  8. Stay in full control of your account(s)

Use the above resources to secure your WordPress website both with plug-ins, and by ensuring your hosting provider has the right firewalls in place to prevent attacks.

With all it’s ease and affordability of use, WordPress, while a great platform, does have issues with security from time to time.

This means it’s important to figure out the places hackers exploit, and plug up those holes so you don’t run the risk of website hacking or losing sensitive information.

Hope these help, and now that you know the basics of website security, head to this page to fearlessly start building your own website!

The CanSpace Team

CanSpace is Canada's leading domain name registrar and hosting provider. Keep an eye on our blog for expert information around websites and running a business online.

Archive