5 Website Security Tips
- Keep Software Up to Date
- File Uploads
- Website Security Tools
Typically, Small Business owners and start-up companies on the rise don’t have a dedicated web developer or designer to maintain their website. If you’ve been in business for several years, you may have cycled through different contractors for website updates. It’s important to monitor and manage updates to your software including the core, themes, and plug-ins.
The professional advice provided in the CB article “9 Security Tips to Protect Your Website from Hackers,” explains the importance of how routine updates to your software is vital to keeping your website secure. If you have a website contractor responsible for maintaining your website, establish rapport and best practices early on to monitor the software update notifications and initiate the updates. If you’re managing this internally, you can develop best practices on your own to monitor the software update notifications and initiate the updates.
In addition, use strong passwords to your server and website admin portal. Strong passwords include at least eight characters including an uppercase letter and a number. If you’re hosting provider offers two-factor authentication, take advantage of this feature to stay secure.
The recommended solution for files uploaded to your website is to store uploads in a folder outside of the webroot. It’s also recommended to have your database run on a different server from your web server. Following these two file protection tips will protect your database from hackers attempting to gain access through your web server.
For your entire site, plan to use HTTPS. Having HTTPS on your website ensures the viewer is reaching the expected server with no vulnerabilities, permitting content to be intercepted or changed. More importantly, HTTPS will improve your search ranking with Google, gaining additional benefit on SEO for your website.
Also, regularly test your website security. Refer to the CB article, to view a list of website security tools to set up penetration testing (pen testing).
These are some of the website security tips Tier4’s marketing department has implemented to help our website visitors feel secure when viewing our content. Let us know if you have any questions about pen testing or would like us to assess your business to ensure it’s not vulnerable to malware, botnets, and ransomware.
Tier4 Blog Edition 26: February 7, 2018