A Question of Security

Hacking used to mean kicking around a little bean bag sack with some friends. Unfortunately hacking has come to mean something completely different, dark even. If you are website owner, you need to know how to keep your site safe from hackers and your visitors secure when they log in. 

Hackers are out there, and according to reliable sources, they are not going away anytime soon. In fact, they are probably "upping" their game as I write this.

What can you do to prevent your website from being hacked? Here's what I've learned:

1) Use Strong Passwords. This is the number one mistake we make, in an effort to be able to remember all the passwords we use. I think if I counted I would have at least 50 accounts that I have to login to for one reason or another so it's very tempting to use an easy password. DON'T DO IT. Use a password generator like this one: https://www.random.org/passwords to create strong passwords. Then write them down and keep them in a safe place. 

2) Keep Up with the Upgrades. Plugins and components, themes and extensions all try to keep up and we should too. It is necessary maintenance for web owners to upgrade their extensions.

3) Back Up your Site. Use a site backup plan offered by your host, or manually backup the database and file structure. In the event that you are hacked, you will need a clean version of the website to re-upload. 

4) Purchase Extra Protection. Several website hosts offer SiteLock, a program that scans and removes malware daily. 

This is the short list. There are other things you can do, such as adding password protection to login areas and installing firewall extensions. The worst thing to do is nothing. At the very least, go back to #1 and change all your easy passwords.

One more thing. When you register a new account on a website, make sure there is a green "https" in the address bar. That means the site has an SSL certificate. An SSL certificate on a website acts as a scrambler, encrypting any log in information and keeping you safe from having your info robbed right off the internet. If it doesn't have the green https, do not fill out anything, especially with personal information.

So much better to be safe than sorry.