WordPress bloggers, this article might save you a lot of headache!
Here are our top tips to help you avoid a hack and secure your business website before it’s too late.
Jess here. As a marketing and brand consultant I managed many websites for our clients, and twice was the lead tech for compromised web servers. I worked directly with developers to analyze code, find corrupt files, detect malware, set up firewalls and encryption, then setup domains and rebuild client’s sites to be more secure and stronger than ever! So I have learned a lot which I’m excited to share with you today.
- Instal an SSL certificate for your domain! I can’t stress this enough. Https protocol is where it’s at. Your clients will appreciate it too.
- Regularly backup ALL of your website files and folders in the public_html root folder of your server. There are awesome services and plugins that can automate this for you. You may not find malware until a few updates in, so it’s possible you will have to restore an old backup from months back.
- Don’t instal any plugin or widget without first verifying it’s security. If it’s not recently updated, don’t get it. If it has poor reviews, stay clear. If the developer seems suspicious, it just might be too!
- Regularly scan your website files for bugs and suspicious code
- Update your wordpress database usernames and passwords, and don’t use easy passwords! Lots of digits with a mix of uppercase and lowercase numbers and special characters is most secure.
- Regularly change your admin user passwords, and check for new user registrations that seem suspcious. If they have lots of random letters and numbers there’s a chance it’s a hack attempt.
- Make sure that your email passwords for any domains on your server are updated regularly and not too easy to guess. And ask your clients to report any suspicious content generated by your email address. The last thing you want is spam being sent out under your domain…very bad for your search rankings.
- Consult an expert. It’s a great idea to have a professional review of your website files and server from someone with advanced technical expertise. Pay a bit and get it done right from someone who’s input you can trust.
Don’t get caught reeling from the aftermath of a hack. It can take many months to recover search engine rank that you may have spent years acquiring. Plus search engines such as google reward secure websites with greater visibility and priority placement. So it’s worth the investment in every front…both now and long term.
Shoot us an email if you ever need any advice! Please comment below with any other tips you might have for others!