Website Security Tips

Posted by Donna Weller, 22nd August 2018 at 2:55pm

In the last few weeks, most of us have found our in-boxes flooded with emails from companies telling us they’ve updated their security and privacy policies, thanks to the General Data Protection Regulations (GDPR) which come into effect on 25 May.

But what about web security in general? While you might feel your website has nothing worth hacking, websites are compromised all the time. Most security breaches aren’t just to steal your data, but to use your server for spam or set up a temporary server for illegal files. Compromised websites are also used to mine for bitcoins or you could find yourself targeted by ransomware.

Keep your software up to date.

Make sure any content management systems you use are updated to keep your site secure.

Switch to HTTPS hosting if you haven’t done so already.

This needs an SSL certificate (secure socket layer). SSL certificates have a public and private key that work together to provide an encrypted connecAon. This means that information passed between a browser and your website can’t be intercepted. SSL certificates aren’t expensive—roughly about four or five pounds.

As a bonus, Google prioritises HTTPS sites.

A site seal is another security feature.

It monitors your website looking for malware - a bit like an anti-virus for your site. The seal monitors your files and alerts you if it detects malware. Security seals can also remove malicious files, depending on the version you use.

Check your passwords.

It’s common knowledge that we should use strong passwords, but laziness often sets in. Ensure all the passwords you use for your website are strong - i.e. they are a mix of leters, symbols, numbers and cases, and that are at least eight characters long.

You might also want to protect your passwords through salted password hashing. Hash algorithms turn data into a fixed-length ‘fingerprint’, protecting passwords even if password files are compromised.