SECURITY ALERT!

03/28/2018

Get peace of mind: Secure your website.

Why is website security so important?

BOE

You might think that your website does not have anything worth being hacked for, but you will be surprised!

Website security is a critical component to protect your business and customers. Websites are constantly being scanned by hackers for possible vulnerabilities. If a vulnerability is found, hackers can load malware or take malicious actions on your website. Security software is there to scan for backdoor hacks, redirect hacks, trojans and many other threats.  It then notifies you if your website has an issue and provides solutions to address them.

An unprotected website is a security risk to your customers and your business. Hackers can steal client information and it also allows for the spread and escalation of malware attacks.

Tips on how to run your business securely online:

  1. Design your website with security in mind, by not exposing unnecessary information.
  2. Apply a Web Application Firewall (WAF) to prevent hacking and other attacks.
  3. Do business transactions online securely by using Secure Sockets Layer (SSL) certificates.
  4. Keep your CMS and plugins updated with the latest patches to keep your website protected and secure.
  5. Grow your business reputation by providing a secure online platform.

How do you know if a website is secure?

5 key website security checks 410447287

Check if the website has credible information:

  • A site owner that is concerned about credibility will have at least a valid email address where issues can be addressed.
  • The site should also include social media, telephone and possibly a physical address with up-to-date contact information.

Check that the site has a valid certificate:

Not all websites are secure and they may be pretending to be someone else.

  • Check the “secure” lock icon in the web browser address bar. Clicking on the lock should initiate a pop up displaying the correct certificate and verification information.
  • It protects your personal, financial or other confidential information from being compromised.
  • If the information displayed does not match up with the website you’re visiting, it is not legitimate and most likely not secure.

Https:

https:// – The letter S is very important, since it signifies that the website is using Hypertext Transfer Protocol Secure (HTTPS), a communications protocol for secure communication. It offers an additional layer of protection for users, ensuring that the information that passes between visitors and the website server is encrypted and thus more secure.

  • Before you type your card details into a website or submit a form with your details, ensure that the site is secure. Look out for a small padlock symbol in the address bar (or elsewhere in your browser window) and a web address beginning with https://
  • You also need to check that the website has a certificate.
  • Google is giving preferential SEO ranking to secure sites, so you’ll rank better on their search engine.

Security Plugins:

All WordPress websites developed by Azapi include a Standard security plugin and a SSL certificate to ensure your site is safe!

If you have an e-commerce site or are collecting customer information, e.g. through an enquiry form or newsletter subscription, you are responsible to protect that information and you need to consider upgrading to the Premium security option.

See the difference between the Premium website security plugin and the Standard one below:

4a683306 fe21 4899 baf0 6b53bec949f.5

Advanced Features of the Premium Security Plugin:

  1. Real-Time Threat Defense Feed Real-time protection for your website from the latest threats, delivered as they emerge. This gives you information about hackers and where attacks originate from.
  2. Country Blocking
    Country blocking is designed to prevent attacks, content theft or end malicious activity from a specific geographic region.
  3. Check if site IP is generating spam
    Your legitimate customer emails can be caught in spam filters if another site on your shared IP address is generating a lot of spam. This prevents your site from being used to send spam email.
  4. Cellphone sign in
    This is the most effective way to stop brute force attacks.
    It prevents simple password guessing attacks, because they don’t have your cellphone to pass the second phase of authentication.
  5. Advanced Comment Spam Filter
    Giving you the flexibility to change your filter settings and using aggregated data to identify comment spammers. Using advanced heuristics to identify spam comments, like URLs, source IP and content.

If you need assistance to ensure your website is properly secured, as well as other security best practices, please feel free to contact us for an assessment.

Posted in , ,