BLOG

Safer Internet Day: How to improve your website’s security in 2018

February 6, 2018

Safer Internet Day 2018 is celebrated globally on Tuesday 6th February to help inspire people to use technology responsibly, respectfully, critically and creatively.

As a business owner, you’ll know how critical website security is to protect yourself and customers. The consequences of a hacked website can significantly impact on your reputation and finances, which is why taking a proactive approach can keep you ahead of your competitors.

Data security is more important than ever thanks to Google’s long-term plan to make the internet safer. Google has started to mark all HTTP sites as non-secure, which has significant implications to businesses of every shape and size.

Here we’ll explore ways to improve your website’s security in 2018.

1. Disable unnecessary plugins

Back in September 2017, a security vulnerability was found in a popular WordPress which had over 200,000 installs. It was found to be inserting content into sites from external servers as well as collecting visitor data without permission.

Although you cannot completely eliminate the possibility of an online attack, keeping your WordPress core, themes and plugins up to date will reduce the chances that hackers are successful at penetrating your site.

Any plugins and themes that you’re not using should be removed from your site so that you have fewer options for hackers to access your information.

2. Implement Two-Factor Authentication

Two-factor authentication has been around since 2013 as a way to add an extra layer of security to the login process. This means a password is required plus an authorisation code that is sent to your phone (by SMS) or email account in order to log in to your site.

Implemented by Google and Twitter, it has become an extra layer of website security for users’ peace of mind. It is a simple way to prevent brute-force attacks from being successful as it requires a secondary step in the login process where the user has to verify their identity.

Having two stages of identity verification makes it much harder for a hacker to gain access to your website and, therefore, implementing it helps keep your data safe.

3. Layer your security

One of the best ways to keep your business safe is by layering your security. Adding firewalls is an essential aspect in stopping attackers before they can gain access to your critical information. Next, consider obscuring the back end login page to protect your site from brute force attacks.

As brute force attacks are typically automated, they will try to gain access to your website by going through the typical WordPress admin URL, such as www.yourwebsitename.com/wp-admin or www.yourwebsitename.com/wp-login.php. By calling your login something completely different, they’re going to have more difficulty in locating the page.

4. Invest in an offsite backup solution

Having both an onsite and an offsite backup solution in place is sensible to help protect your business and ensure the survivability of your data and your business reputation. When done right, an offsite backup can effectively restore your entire website straight back to its previous condition leaving your business and reputation intact.

While backing up to an external hard drive or USB disc is better than nothing at all, it still doesn’t protect you from damage or theft or if you manage to lose them. The best solution is an offsite backup via a cloud server that cannot be lost or corrupted either accidentally or as part of a malicious attack.

5. Make the switch from HTTP to HTTPS

As touched on earlier, Google is on a mission to turn all HTTP websites to HTTPS. They have started to mark HTTP websites as unsecured and this warning will become more prominent as time goes on. People have also become savvier when it comes to looking for the padlock in the URL bar to tell them that data is being exchanged on an encrypted connection.

To meet the expectations set by your customers and endorsed by Google, all website owners should aim to acquire the necessary SSL/TLS certificates and setup HTTPS on their web servers.

Here at WP Tech Support, we do more than just protect you from attacks by keeping your WordPress system and plugins up-to-date. That’s the easy bit. Our website experts also carry out a manual health check at the outset providing recommendations for improving the security of your site.

Our holistic, preventative approach to protecting your WordPress website will ensure you’re ahead of the game at all times. Take a look at our monthly payment plans to find out more.

Leave a Reply

Comment policy: We value comments and the time that visitors to our blog spend to give feedback. Please note that all comments are manually moderated and any deemed to be spam or promotional will be deleted.

Check out other related and helpful WordPress blogs

3 Best Plugins for Turning Your WordPress Website into a Mobile App

Accessing your website should be as easy as possible, whether you’re using a desktop device or a mobile phone. However,…

Warnings showing in Front end

A WordPress site showing warnings in Front end helps users maintain WordPress sites. Warnings in WordPress are used for various…

Comparing WordPress Security Plugins and Why we choose WordFence

In WordPress – if you lack expertise, WordPress security plugins help you strengthen your site’s security. Plugins like WordFence, JetPack,…

Get started with a WordPress support plan today.

Let us take care of any unlimited fixes* and provide ongoing updates and support.

View our support plans

*Unlimited bug fixes only available with Pro, Business and Advanced Plans.