Worst-case scenario: your website has been hacked, and your last backup was months ago. Sleuthing out the malware could take even a skilled developer hours. So what’s a website admin to do?
Turn back the clock.
The best time to beef up security is before something goes wrong. In this video, we’ll outline six things you can do today to secure your website.
Install an SSL Certificate
A Secure Sockets Layer (SSL) certificate encrypts data transmitted through your website. Think of it like a privacy envelope that protects the sensitive information inside as it’s delivered to and from your site. This high-tech privacy envelope can only be opened by the intended recipient and no one else in between. An SSL certificate not only protects your visitors but gives them peace of mind because access their personal information is protected. If you’d like to learn more about installing a certificate on your site, follow this guide.
CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart.” This acronym might sound unfamiliar, but you’ve definitely seen these images of jumbled words or distorted numbers on websites before. CAPTCHAs block bots from trying to automatically submit forms or harvest email addresses. If you want to protect your site against fraudulent sign-ups for your newsletter, for example, CAPTCHA is a great way to stop spammers.
Regularly Scan for Malware
When you imagine being hacked, you might picture a black screen with a laughing skull and crossbones. But most hackers are more discrete. They want your site to be infected for as long as possible before you notice, so they have time to steal data or send out spam. That’s why it’s important to shield your site with a malware protection service, like SiteLock Security. SiteLock scours your site for malware daily and automatically removes it, saving you time and protecting your site against hackers.
Update Your Applications and Plugins
Running old software is like shutting your door at night but not locking it; you’re making it too easy for the bad guys. Security holes are remedied each time new software is released, so you want to make sure you’re taking advantage of these fixes every time a new version is put out. If you installed applications using the MOJO Marketplace, automatic updates are available by clicking the ‘Upgrade’ button. For installations done with Fantastico, the main Fantastico screen shows a link on the right-hand side with available updates.
You’ll also need to update your plugins since they’re created to work with specific versions of WordPress, Joomla, or Drupal. One way to never miss an update is to subscribe to each plugin’s security announcement list. And remember: not all plugins are created equal. Only use ones that are highly reviewed and proven safe.
Access Your Site from a Secure Location
Viruses, malware, and keyloggers — surveillance software that records what you type — can be installed on computer covertly and used to obtain your username and password credentials or to infect your website files.
Practicing good at-home security means taking common-sense measures, such as
- never opening emails or attachments from people you don’t recognize
- using a reliable anti-virus or spyware scanner
- backing up your website and database frequently
- avoiding rogue websites
- being careful about where you share your information
Choose a Smart Password
Smart passwords are long — a minimum of twelve characters to be exact. They should also use a combination of numbers and symbols and alternate between uppercase and lowercase letters. Never use the same password for your website that you use on your email or social media accounts. Make it unique and complicated.
A little preemptive site security can save you from huge headaches down the road. So take a moment, review these six tips and ask yourself: Am I doing everything I can to protect my website now? And if you’re interested in how Bluehost is helping to keep your site safe, read about our recently rolled-out security updates.