In a lot of ways, we think about cybercrime the same way we look at real-world crime. It’s something that happens to other people. Hackers aren’t interested in breaking into our site and stealing our data – why would they be?
Criminals love that attitude, as it makes it much easier for them to target their victims.
Here’s the good news. It’s actually not as difficult to safeguard your website as you might think. You just need a bit of discipline and some knowledge.
And that starts with knowing where you might be going wrong.
You Haven’t Patched It Since…Well, Ever
Three years. That’s the average age of vulnerability that criminals attempt to exploit when targeting businesses. That might seem a bit absurd, but if it wasn’t successful, they wouldn’t keep doing it.
At the end of the day, the truth is that your best defense against cybercriminals is to make sure you apply every single security patch as soon as possible. Don’t slack off on applying that WordPress update because you’re worried it might break a few plugins. The alternative – running an outdated, vulnerable site – is much worse, both for yourself and for your users.
You Aren’t Paying Much Attention To Usernames or Passwords
Look, I get it. Usernames and passwords are a pain to remember. Nobody wants to memorize eighteen different sets of them. Here’s the thing, though.
If you’re using the same password you came up with at age fourteen as the sole key to your administrator account (or worse, if you’re just using default credentials), you’re basically asking to get hacked.
Create a unique username and strong password for your administrator account – you won’t regret it, and if you have trouble remembering it, just use a password utility like LastPass.
Security Software? What’s That?
Last but certainly not least, what sort of security software are you running on your site? Here’s a short list of what you should have. I’ve also included a few things you should be paying attention to for posterity’s sake.
- Antispam, to help you block spam comments and bot accounts.
- Brute Force protection, to prevent hackers from simply trying to repeatedly guess your password.
- An Antivirus solution, for obvious reasons.
- Plugins and themes downloaded only from reputable sites. Especially on WordPress, the majority of site hacks are due to outdated plugins or insecure themes.
- A host that offers security features such as firewalls or DDoS protection. Again, self-explanatory.
Seems simple enough, right? Website security doesn’t need to be like pulling teeth. Whether you’re using WordPress, Magento, or something else altogether, keeping things safe from criminals really just requires a bit of elbow grease and a good host.Posted in: Security