Maximize Marketing News - September 2018
When’s the last time you checked to make sure your website is functioning properly?
Avoiding website maintenance is like deciding not to have regular oil changes done on your car. Your vehicle wouldn’t last very long if you didn’t look after it, and the same is true for your website. You need your website to always be live and representing your business effectively.
|
|
In this month's feature article, I explain why you need to be concerned about website security, and make seven recommendations to help you protect your important investment.
Drop me a line and let me know what topics you'd like me to write about in the future. I'd love to hear from you!
Janet Barclay
|
|
|
WordPress Security and You
When it comes to website security, I’ve heard everything from “I’m not really worried about security. Why would anyone want to hack into my little website?” to “I don’t want to use WordPress – it’s always getting hacked!”
Let me start by saying that neither assumption is correct.
No website is immune from hackers.
Hacking isn’t limited to major corporations who store credit card numbers and other sensitive client information on their servers.
A virtual assistant I know was once the victim of the pharma hack and didn’t even know it until I told her my security software had alerted me to the problem. When she looked at the site on her own computer, everything looked just fine, but what I saw was a bunch of pharmaceutical links. It cost her several hundred dollars to get the problem fixed and her site restored to normal.
Another time I heard about an interior designer whose website had been taken down by her web host because someone had installed malicious files on her site. She also had to pay to have her site either restored or rebuilt.
These are just two examples involving people with very small businesses, neither of whom had valuable information stored on their website.
Many hackers don’t do it for personal gain, but just because they can – not unlike a vandal who walks around a neighborhood at night smashing windows without actually stealing anything. I’ve even seen a website where the content was replaced with a message saying, “Ha ha, you’ve been hacked!”
WordPress is NOT inherently insecure.
These stories are not prevalent due to a flaw within WordPress, but simply because it’s such a popular platform. In most cases, the security breach could have been prevented by following these best practices.
1. Don’t use an obvious user name.
Thousands of WordPress sites have been set up with “admin” as the username. Clearly if someone wants to try to break into your site, that’s the first thing they’ll try.
If you were given “admin” as your username by a one-step WordPress installation tool or someone who didn’t know any better, it’s not too late to do something about it. You can create a new user with admin access, log in as the new user, and delete the original user, making sure you attribute any posts and pages created to the new user.
Alternatively, the iThemes Security Pro plugin can manage this change for you seamlessly, as well as guiding you through other security measures you should implement on your site.
2. Don’t use an easily guessed password.
If your password is a proper name or a word that can be found in the dictionary, the chances of someone guessing it are very high – especially if they’re using an automated tool to do so. To learn more, check out this infographic.
It’s easy enough to change your password. Just go to your User Profile and change it. Go do it now before you forget!
3. Keep your WordPress installation and plugins up to date.
The bad news is that hackers are constantly figuring out new ways to get into your site. The good news is that WordPress itself and WordPress plugins are constantly updated to address these issues.
If your site isn’t running the latest version of WordPress and any plugins you have installed, you’re leaving it vulnerable to attack.
4. Remove unnecessary plugins.
Speaking of plugins, there’s no need to load up your Dashboard with a bunch of plugins that aren’t even being used. I’ve often gone to work on client sites where multiple plugins had been installed for the same function, and others for features that weren’t even in use on the site. If you try a plugin and it doesn’t work for you, take the time to deactivate it, then delete it. Do the same with any unneeded plugins that were automatically added when you installed WordPress. This will not only help to protect your site by eliminating potential security problems, but will keep your site running more efficiently as well.
5. Set up a regular backup system
Even if you maintain good security practices, you should always have a backup available. There are plenty of free and premium plugins that allow you to back up your WordPress site. Some will back it up automatically according to a regular schedule, while others require you to do it manually.
I recommend scheduling your plugin to back up your database and all of your website files at regular intervals, and configuring it to send your backups to a remote location such as Dropbox. This will give you access to your backup in the event that something happens to the server.
6. Choose a reputable web host.
Although it may be tempting to go with the cheapest hosting company you can find, keep the old saying “you get what you pay for” in mind. Some companies can afford to charge very low prices for “unlimited” storage and/or bandwidth because they cram a large number of websites on the same server, and you have no way of knowing who you’re sharing that space with.
7. Add a WordPress specialist to your team.
If you find any of the information in this article overwhelming, don’t just ignore it. Although Benjamin Franklin didn’t know anything about WordPress, he nailed it when he said, “An ounce of prevention is worth a pound of cure.”
If you’re uncomfortable with the inner workings of your site or are too busy to stay on top of updates, I encourage you to check out my Website Care Plans.
|
|
|
Thank you for all that you do to help me with my website. I really do enjoy working with you plus I love the peace of mind you offer! Your advice is always appreciated.
Jill Annis, Simply Organized LLC
|
|
|
|
I'm a Web Designer and Certified Digital Business Consultant who loves helping others succeed by sharing the knowledge and insight I've gained through marketing my own business for over 15 years. When I'm away from my desk, I enjoy reading, photography, watching movies, and cooking.
|
|
|
If this newsletter would be helpful to someone you know, be sure to pass it on!
|
|
|
|
