Cheap Windows Hosting – Security Tips to protect your Website
CheapWindowsHosting | Hi today we will share article about security tips for your website. We will look at the 6 simplest ways to help improve your website security. Not only for web developers, but also for anyone who has, and maintains a website and users who use the internet.
1. Strong Passwords
To keep your account passwords safe, you need to use a unique password for each of your important accounts e.g. social media accounts, bank account, your email password and your WordPress (or other platform) password, also do not use ‘admin’ as the username for your website’s backend. Here’s tips how to create a strong password:
- Use a mix of letters, numbers, symbols, capital letters and lowercase letters
- 12 characters minimum
- Don’t substitute obvious number and letters
- Don’t use consecutive numbers like “123” or simple dictionary words, personal information or part of your domain name.
There are automated robots out there that will try to guess your passwords. Don’t make it easy for them
2. Security Review
Do you want to keep your website safe and increase website performance? That’s a loaded question since every site owner wants their site to be safe and fast, but what are you doing to protect your website from hackers? Here’s our recommendations to start with:
- Scanning your website for malware and vulnerabilities with Sucuri’s Site Check, Byte’s MageReport.com for check Magento site security, and wprecon.com for check WordPress site security.
- Ask your developer to check for vulnerabilities on any of his/her coding using the vulnerability scanning tools.
- Check your WordPress or Magento’s admin users, make sure you don’t use ‘admin’ as the username but change to a strong password.
- Install and run ant-virus software. There is a popular free software from Avira’s Antivirus for both Mac and PC.
- Keep your computer softwares updated to the latest versions and update WordPress and plugins (or other platforms).
- For WordPress site, consider adding Wordfence or iTheme Security and WP Super Cache plugins to improve site security and performance.
We also suggest a reminder in you calendar every 6 months to review your website security. Remember to ask your developer to help with improving site performance as every user wants their website to load faster.
3. Update WordPress, Plugins or any of other platforms
Running the latest versions of the software you use is important, see our FAQ for more information on how to update WordPress and plugins. This also includes any of the platforms or security patches on Magento which provide fixing known bugs or security.
We recommend to completely uninstall and delete any unused plugins / modules / addons / files from the server. Do not just deactivate them and do not leave the “old version” of your website on the server. Old sites get neglected and forgotten and it becomes an easy target for malware and hackers.
4. Secure Hosting with Regular Backups
Beware of cheaper hosting as they are not all equal. It depends on the level of support, regular maintenance and keep up to date with server software and regularly patched to ensure the highest security.
Here at ASPHostPortal.com offer reasonable hosting solutions to clients with their reseller hosting, which they use to manage web hosting on behalf of their clients. With personality and fast support from the hosting company this can provide some cost saving for web development.
When choosing your own hosting, ensure the service includes regular backups (daily) and restore.
5. Use SSL
SSL (Secure Socket Layer) or HTTPS is commonly used on eCommerce or credit card payment pages for sending secure data across the web browser and server, securely with an encrypted link between those. But in reality, SSL would be a great security step for whenever a user is passing sensitive information to the web server such as username and password, as you can see this in the url bar at top of the browser window with mark by https// instead of http:// with a little security lock.
To use SSL you need to purchase a SSL certificate from a web host and install it on the server. Google is encouraged for all website owners to change from HTTP to HTTPS to keep everyone safe on the web and give the website a lightweight ranking signal.
We recommend talking with your web developer to install SSL on your website and enable all pages on HTTPS. Also it helps users to trust your website as genuine and safe!
6. For Developers
A basic understanding of those security tips for your website from your web developer is important. Their job is ensuring your website is safe and protected such as;
- File and folder permission
- Server configuration file to protect from brute force attack
- Preventing of Sql injection and XSS
- Disabled server’s error message or server’s software information
- Using of validation forms and captcha
- Secured and restriction on file upload
- Use of MD5 encrypt on password when saved or use for verify login
Alexia Pamelov administrator
Leave a Reply
Leave a Reply
About the Author