It is a great thing indeed to have a website security company like SharkGate protecting your website. Our mission is to have our clients’ websites safe and sound 24/7 even whilst you sleep 😉

Though, you may have asked yourself – What should I do to ensure my site is safe from hackers? In fact, there are a lot of actions and tips you can follow in order to strengthen your website protection and make it less likely to be hacked.

Website security is a bit of a buzzword at the moment with even websites like Sony, Nasa or Amazon which spend a fortune on security measures getting hacked. Small websites are often easy targets with out of date software and the lack of security updates being applied to wordpress, joomla, magento and the likes.

First of all, we have to understand the hacker’s mind, and what they can get out of it… the answer is: It depends on the type of website targeted and the data it contains. In most cases, this is what happens:

  • Corporate sites and blogs: they can be used to improve the positioning of other websites by URL injections and external links.
  • Sites with a user community: to access all the user’s data.
  • E-commerce sites: to access the client’s private data and in worst cases to modify the payment setup.
  • Some websites are used to host phishing pages such as a fake bank login page.

See our other blog article to read about the types of hacks we commonly encounter..

A hacked website, is another tool or instrument in the hackers armory – to be used and abused as they see fit. Often data extraction can continue for months after the initial compromise before being noticed. Hackers will squat and abuse a website until they are thrown out and the doors slammed shut and locked behind them – like an aggressive, rowdy drinker stealing peoples drinks in a busy bar. Probably not the best metaphor in the age of lockdowns amidst the global pandemic!.. but you get the idea.

Here are a few helpful tips to consider:

Keeping my website up to date..

Let’s start with probably the most basic, but at the same time most important step in keeping a secure website – please don’t ignore software, plugins, themes and CMS updates.

Often people get upset when a new update comes out “OMG, here we go again, what a pain!” As a person who has collaborated in several plugin updates of the different CMS platforms, I assure you.. these updates are not done in vain. Yes, it is true some updates are just to improve aspects not related to security, however, most of the updates are directly or indirectly supporting the security of the sites.

Updates

Keeping up to date with software updates and updates to your website’s CMS platform is a basic and crucial first step to protect your website from hackers. Make sure you routinely get your website checked and apply the updated where necessary. Often websites using CMS systems like WordPress can be setup to automatically apply these.

Opt for a reliable hosting service

Choosing a good host is more important than it seems at first glance. Our advice is not to make this decision randomly. Don’t pick based on price alone or because everyone uses it or some other factor with low significance in terms of security.

Hosting

The one you choose should be reliable, offer you overall good control of your website functionality, fixed and secure IPs, your own server resources (if possible – this can get pricey) and daily backups. Outstanding support is crucial!

Be careful with passwords

Insecure passwords have been and continue to be the weakest point of any website because cybercriminals can obtain them with little to no effort.

For example, passwords for backend or admin access using “admin”, a date of birth, a dogs name, repetitive numbers or letters (1234 or abcd) is literally like giving them the key to your house. You may think hackers don’t have tricks to guess passwords, on the contrary, they are specialists at breaking down riddles thus they can deduce patterns of behavior on your website or social media account and will try and guess your password no doubt.

Best password

Ideally, your website passwords should have a random combination of numbers and upper and lower case letters, including special characters. We strongly suggest using password generators.

Website design

A website is not just a captivating or good-looking page on the internet. It is indeed the result of a lot of effort in terms of planning, design, implementation and maintenance.

It encloses various aspects such as web graphic design, interface design, navigability, interactivity, usability, fundamental structures, audio interaction, text, image, links, search engine optimization…and the list goes on. But most of all, implementation of adequate security practices must be taken into account if the website’s intention is to grow and fulfill its purpose.

CMS

Final thoughts

Apart from all the aforementioned, it is extremely important to note that having a well-maintained server is a huge part of the website’s security. If you have other unprotected sites in the same environment it is key to protect those too.

Using a re-captcha on the login web form, comments and user registration, having SSL which is included in our Fix and Protect are all recommendable actions in terms of security.

In the digital era we live in there will always be ways for someone to find a security hole. But there will always be ways to minimize and nullify its effect – And this is in fact, what we at Onehoursitefix are devoted to. We are certain that with our outstanding security solutions, our always supportive team and by applying the above recommendations we will make it rather tough for the bad guys!