5 STEPS TO SECURING YOUR WEBSITE
By Michael Butler
1. KEEP YOUR WEBSITE SOFTWARE UPDATED
If you are using WordPress (or any other CMS), and it is not already using the stable current version, take a minute to update. Out-of-date software is the leading cause of infections. This includes your CMS version, plugins, themes, and any other extension type.
2. CHANGE YOUR PASSWORD AT ALL ACCESS POINTS INCLUDING FTP, SFTP (or SSH), CPANEL
Choose a unique and STRONG password. What often defines a good password is built around three core components – Complex, Long and Unique. The argument most made when it comes to passwords is that it’s too difficult to remember multiple passwords. This is true. It’s also why Password Managers were created.
Password Tip: Start using a password manager like 1Password.
We cannot stress the importance of changing all passwords to include those not related to your CMS. Your website has various access points, attackers understand this and because of this they will often exploit multiple points of entry. At a minimum, be sure to update the password for all administrator accounts. We say all because often users will create more administrators than they require and will often update one, but forget about the rest. There really is no better time to clean than after a compromise, take advantage of this time.
3. CHANGE YOUR DATABASE PASSWORD
If you are using a CMS (WordPress or any other) change your database password. Please be sure to update your configuration file – wp-config.php. This is not an automated process so you will need to know how to open those files and edit manually. If you’re not familiar with handling changes in your database and configuration files, contact your host.
*If you don’t know how to change your passwords (specified above), contact your hosting company for details.
4. SCAN YOUR PERSONAL COMPUTER
Run a virus scan consistently on your personal desktop/laptop. In a lot of cases, websites are compromised via local environments (notebooks, desktops, etc..). It’s why we always ask you to take a minute to run an anti-virus product. The bottom line is it doesn’t matter how many times your site gets cleared, if your desktop is not clean, your site can get reinfected quite easily.
5. INSTALL A PRIVATE FIREWALL
A private firewall on your website insulates it from hackers. They are tough to penetrate and hackers know it. With our hosting plan The Protector Hosting and Security Combo, a private firewall is included in the annual cost — and worth every penny!