Your firm’s website is how you put your best foot forward to the outside world 24x7x365. You’ve put a lot of time and energy into creating it and building it up, so it only makes sense to make sure your website is protected and providing a return on your investment. Being able to protect your website involves a number of best practices around security, updates, passwords, and more.
Security is paramount since your site is exposed to the outside world, and hacking attempts continuously. A recent study showed that websites lose 95% of their traffic, on average, when they are compromised and in turn, get blacklisted by Google for a security issue.
By adopting these five best practices and staying on top of potential issues, you can keep your website humming along at its best, promoting your firm to potential clients day and night.
USE STRONG PASSWORDS
The first area you’ll want to check is related to accounts and passwords. To start, take a look at the list of users that have access to log into your WordPress admin portal. Are there old vendors there? Old employees? Disable any accounts that don’t need to be currently active to reduce the number of potential points of entry for hackers.
The second thing you’ll want to do regarding logins is to create a complex, unique password for your WordPress admin account. These passwords should be at least 12 characters long (preferably 16+) and rotated regularly. Use a password manager like LastPass or 1Password to generate and keep track of these passwords.
KEEP YOUR SITE UPDATED
With a WordPress site, there are a couple of different categories of updates that need to be regularly performed to make sure your environment is properly protected from security risks and hackers.
These include the WordPress core, any plugins, and possibly theme upgrades (if you’re using a pre-made theme or framework that regularly releases updates). These organizations regularly release patches and updates to address discovered security flaws and bugs in their software, very similar to how your computer has periodic updates for the same types of issues.
It’s important to test your website’s appearance and functionality after installing these updates, as it’s possible that some code or plugin updates can cause incompatibilities or formatting quirks depending on the structure of your site.
In addition to keeping your site patched, it’s important to monitor the site for any compromises – according to security vendor Sucuri, websites are compromised every day due to lack of installed updates, reuse of leaked passwords, neglected sites or a lack of resources to update to newer software versions.
Commonly, hackers will insert code into compromised websites to either generate income from ads or load malicious code into your visitors’ computers. This is something you’ll want to use a third-party vendor for – there are a number of security vendors that specifically work with WordPress to provide solutions and alerting for this.
While it’s important to stay on top of your site’s security, it’s just as important to keep an eye on the uptime and performance of your hosting company. The best way to do this is by using a plugin or other service that will constantly keep an eye on your website and send you an alert if it detects your site has gone offline.
Depending on what has caused it to go offline, you can either fix the issue or raise a support ticket with your website hosting company to address and resolve what’s causing the downtime.
BACK UP YOUR SITE
Just like your computer, even with the best security solutions, things happen. You want to have scheduled, regularly tested backups that can be restored in the case of accidental deletion of content or resources, malicious changes to the site, or the site being compromised by a hacker.
Daily (or even hourly, depending on how often you update your site) site, content, and database backups are the best way to make sure you can restore your website if something happens to it.
By staying on top of these five items, you can protect your website, and keep it looking great, and providing a consistent return on your marketing investment. Brian Craig