Anyone who paid attention to past events, from Yahoo! to the Democratic National Committee, knows the topic of 2016 and 2017 was website security or cybersecurity. However, hackers are not just interested in attacking governments and large corporations. They will target any size website or business, exploiting common vulnerabilities with automated attacks. Therefore, while you may think your website is not worth their time, small business websites are bombarded daily. (Yes yours too…. we’ll show you the logs)
Many hackers want to use your site so they can hide and spread malware, and the majority of attacks are not for the purpose of stealing your data or damaging your website. Instead, the goal of many hackers is exploiting your server to send spam email or as a web server for illegal files. These hackers use automated scripts, scouring the Internet in an attempt to exploit the known website security issues of commonly used software.
Simply put, no industry or business is immune. Once compromised, your site can be used in Distributed Denial of Service attacks on other sites, and any website can serve this purpose. As a result, a site with poor website security, even for a small business, is a security risk to customers, other businesses, and even the government.
Easy Ways to Increase the Cybersecurity on Your Site
1. Make Admin Areas Hard to Find
A common way to gain access to a website is by attacking the admin area of content management software systems. Since these attacks are often automated, simply changing the admin directory name is enough to discourage attacks. If they can’t find your back office area, it becomes extremely difficult to exploit your site.
2. Use Strong Passwords
Recent news reports revealed that John Podesta’s (Hillary Clinton’s campaign manager) password was “password”, which made hacking his email easy. Shockingly, it is one of the most common passwords used. It is best to use a minimum of 8 random characters that include upper and lower case letters, numbers, and symbols. Not doing this is a really poor cybersecurity practice.
3. Keep Software Updated
Even if you have a website custom build from the bottom up, it is important to keep all your software up-to-date. Nevertheless, content management software providers work continuously to patch security holes. Therefore, updating to the newest version will make you less vulnerable to attacks.
4. Use HTTPS
If you are an online retailer, your transactions are being handled by HTTPS (or HyperText Transfer Protocol Secure). However, the rest of your website may not have this protection. Besides the security aspect, Google has announced HTTPS is a consideration for search page rankings. This means it will affect your SEO.
5. Leverage a good content delivery network (CDN)
We recommend the CloudFlare system as it provides many advantages for websites in addition to the standard CDN benefits of better performance and less traffic hitting your server. One of these key benefits is the ability to defend your site if it’s being attacked. CloudFlare can perform a verification check on each visitor before they hit your site. This alone can dramatically increase website security.
What haven’t we covered yet that is important to you? If you would like more information about cybersecurity and your website, or need additional suggestions, please contact us.