Design & Development, Security, WordPress

Lock it Down: How to Keep Your Site Secure


In an era where websites are compromised by malicious software all the time, one of the most common security questions is ‘How do I help protect my site from hackers?’ Although it can seem daunting, there are plenty of steps you can take to help keep your site secure.

How to Keep Your Site Secure

Keep it Fresh

Always keep your platforms (like WordPress, Drupal, etc.) and their associated plugins up to date with the latest versions.

Having outdated software is one of the easiest ways for malware to break into your site. Think of an old version of WordPress like an old video game. Much in the same way that the first level of the original Super Mario has been beaten millions of times, an old version of open software has been sifted for cracks many times. Updating to the most current version can make it much more difficult for programs to use old hacks.

Many web hosting providers have tools available to keep your versions of software updated automatically.

Strengthen that Password

A strong password is the first line of defense for any website. Surprisingly, the worst passwords are often the most common. According to an analysis of millions of passwords lifted from stolen login credentials – ‘password’ followed by ‘123456’ remain the most popular password phrases in the year 2015*.

A few simple guidelines that can help create a stronger password:

Length

Your password should be at the very least eight characters long. More than sixteen characters is even better.

Upper & Lower Case

If someone is trying to break into your site, switching cases is an easy way to make things more difficult for them.

Include Numbers & Special Characters

Again, when it comes to passwords, diversity is your friend. Adding a few numerals or special characters will go a long way toward keeping your account more secure.

But I’ll never remember a password this complicated!

A secure password is no use to you if you forget it immediately. That’s why experts recommend you use a phrase instead of a random assortment of characters. This will help you remember, while also keeping the password hard to crack.

Be sure to include numbers or special characters with your phrase. A phrase by itself will be easier to guess than a phrase that includes numbers and special characters,

Still not sure if your password is up to snuff?

How Secure is My Password is a great free resource available for use. Simply enter your favorite passwords and wait for your score – the higher, the better!

Back that Site Up

Backing up your site is one of the simplest and most painless ways to help keep your site more stable.

We’ve all been there – you’ve spent the entire weekend working on your latest project. You can see the finish line up ahead. All that’s left is to present the project and congratulate yourself on a job well done.

Then something unexpected happens. The computer breaks down, or the file is corrupted, leaving you to sit and wonder why your dog ate your homework.

This is why backing up is so important. It’s an all too easily forgotten failsafe. When thinking about web security, it’s common to focus on the proactive steps one can take. While the right antivirus software, system updates, and strong passwords play a vital role in protecting your website, backing up frequently gets lost in the mix.

This is a great step to keeping your site secure, but creating your own external backup will increase the likelihood that your site can be restored to its preferred version in a timely manner. These external backups may be purchased through your provider or set up on your personal computer.

It is one of the simplest and easiest ways to help improve the stability of your site.

First, you will want to make sure that your web hosting provider implements routine backups. Many web hosting providers will restore your site from their automated backups for a fee or free of charge.

A web host may offer several different types of backups. They may have file backups, off-server backups, automated site backups, etc.

For instance, pair Networks offers several different types of backups depending on the account type. There are automated site backups for WP Optimized hosting accounts, optional file backups for VPS and Dedicated accounts, and internal backups for all. These internal backups aren’t available to customers, but if anything happens to the account, we can use it to restore the account.

pair customers wishing to learn more about creating a separate automatic backup system may wish to visit our tutorial, Back That Site Up: A Backup Guide through the ACC.

When selecting a web host, it is important to consider the types of backups they offer. A backup could be the difference between a live site and a lost one.

External Backup Drives through your Web Host

These drives will store versions of your site automatically. They are accessible through your account control center at any time. Generally, these external hard drives are provided by your web hosting company for an additional fee. pair Networks offers external hard drives, which routinely back up all files, on all of our dedicated hosting solutions.

Setting up a Personal Backup on your Computer.

If your site is relatively small and not frequently updated, storing a copy on your personal computer may be sufficient. You can download the most up to date files on your web server to your personal computer through an FTP Client. If you are utilizing a content management system like WordPress or other information in a database, you will also want to import these files onto your computer using phpMyAdmin.

Keeping Secure

In the end, securing your site comes down to a series of steps you can take. The more steps you take, the more secure your site will be. We recommend periodically checking in here or other reputable news sources to see if any new advances have been made in website security. Security is an evolving field. With hackers finding new ways to hack things every day, security must change to stay ahead of them. Keep an eye out for the latest security updates and practices. This is the only way to keep your site secure long term.