Is My Website Really Secure?

Is My Website Really Secure?

It’s pretty normal for someone to go weeks without looking at their own website. After all, if you know what you put up there, why would you unless you wanted something changed?

Imagine, to your dismay, receiving a phone call or email from a long standing client, troubled by your website. You go on only to see the content on your site altered maliciously and your reputation tarnished, both personally and professionally.

That’s not the time to wish that you had a more secure site.

To know if your site is really secure, ask yourself these questions and if it’s not, we have 4 tools for you.

Is it up to date?

When a hacker tries to seize control of a site, what they look for is vulnerabilities in your sites code. They can do this in various ways but generally, it doesn’t take them frantically pounding away at a keyboard like they do in the movies.

Just as hackers work against your site, the developers behind your site constantly work to make their code more secure. When developers find an area of weakness, they will send out updates, patches, etc. that fix the issue. If you don’t keep both your site and its plugins up to date, hackers are going to be more likely to exploit those areas.

 

Does your site use HTTP or HTTPS?

Sites use HTTP by default. It stands for Hypertext Transfer Protocol. HTTPS stands for Hypertext Transfer Protocol Secure. You probably see where I’m going with that.

HTTPS is for sites that utilize SSL or Secure Sockets Layer. This means that information that is transferred between the visitor’s browser and the website’s server is encrypted. For someone to decipher the information, they would need the encryption key that is only available on the web server.

SSL certificates are cheap, if not free with most hosting services. If you are utilizing any type of online shopping, HTTPS is a must but overall, it will make your site more secure. 

Does your site use parameterized queries?

This one is a little more involved but the main idea is this; instead of entering a username and password into a field, hackers can enter bits of code aimed at corrupting systems or retrieving information inside of your website. This process sets “parameters” for what can be entered into a “query”. For more information, check out this article from Microsoft.

 

How strong are your passwords?

I can’t believe I’m saying this but in 2018 the most commonly used password is still “123456” followed by answers like “QWERTYUIOP” (which is just the first row of letters on the keyboard.)

Having a company-wide password policy that dictates the strength of passwords will keep your site secure from a would-be-hacker getting access.

 

So is your website really secure?

Ask yourself these questions and you will get your answer. There’s no one-sided answer to your security and as threats continue to evolve, your security will need to evolve with it. If you are questioning your security, check out these tools.

Wordfence – Firewall and Malware Security

At over 2 million downloads, Wordfence is one of the highest rated security plugins for WordPress and has over 2 million active installations. Wordfence’s free plugin blocks malicious traffic going to your site and their premium version offers more robust features.

VIP Scanner

VIP Scanner scans the code of your site, including all themes and files you may use to identify any potential security loopholes that may leave you vulnerable. 

iThemes

iThemes bans users that have previously attacked other sites by blocking their IP address.

BBQ – Block Bad Queries

This plugin protects websites from injection-related attacks. At over 90,000 downloads and a perfect 5/5 in reviews, this is a simple but comprehensive solution with a BBQ Pro version available.

Other Articles You Might Be Interested In:

Can Data Analytics Solve Your Nonprofit’s Problems?

Can Data Analytics Solve Your Nonprofit’s Problems?

 You want to improve the processes of budgeting, forecasting, and fundraising for your nonprofit; however, you are having a hard time identifying problems and solutions.  Data analytics can help. This type of business intelligence is already considered indispensable...

read more
6 Ways to Reduce IT Costs

6 Ways to Reduce IT Costs

Your business is always looking to reduce costs. Looking at the information technology budget line items is headache-inducing. So much money spent in one area, and there’s so little you can do about it! But is that really true? IT expenses may not be as fixed as you...

read more

Understanding how to keep your WiFi more secure

Understanding how to keep your WiFi more secure

When you log into WiFi at a public place, such as a library, a school, a business, a restaurant, or the like, it’s likely your anti-virus software will warn you of logging into an unsecure network.

But, did you ever think that when logging onto the WiFi at your home or business you may still be facing some security issues? Are you aware of the risks involved with not securing your WiFi? It’s important to keep in mind that WiFi is a target for hackers. Securing your WiFi may be way easier than you think.

Here are a few tips on how to do that.

 

Change the name

One of the first steps is to create a strong name for the WiFi network to replace the default network name, such as xfinitywifi, AT&T or Netgear (My neighbor uses FBI as his network name). Fossbytes says most hackers have access to tools such as “rainbow table” that can break into most any network simply by knowing the default SSID name.

 

Protected Access

Another security measure to use is enabling your WiFi protected access. When setting up the router, the setting can be seen as WPA2 or WPA-PSK. Fossbytes said older routers will have something called WEP, or Wired Equivalent Privacy, but that’s not much of an effective deterrent to modern hackers.

 

Firewalls

One tool to use, if it’s built-in, is a firewall for your router, which can obscure a hacker’s view of the network, Fossbytes said. Another thing to consider is turning off the Universal Plug and Play protocol on the router. Although this is meant to make connecting devices easier, Fossbytes said the use of it makes a potential entry point for hackers.

 

VPN

Another way to protect your WiFi network is to create a Virtual Private Network, which encrypts data traveling between a computer and a server. Through a VPN, even if a computer is logged onto a public WiFi, any hacker paying attention to traffic will only see encrypted data shared, Techify said in a recent article on ways to protect a WiFi network. VPN works by “giving your location anonymity on its server and even creates its own firewall to protect your network traffic,” Fossbytes said.

 

Change your password

Lastly, one simple, but crucial point of protection, and one that we here at ITonDemand stress over and over again, change your password. Using a strong password, or perhaps an even stronger pass phrase, can cut down on a hacker’s ability to penetrate a network or computer.

If you’re still concerned about setting up a secure network, don’t hesitate to reach out to ITonDemand for help. It’s better to be safe than sorry.

 

Other Articles You Might Be Interested In:

Can Data Analytics Solve Your Nonprofit’s Problems?

Can Data Analytics Solve Your Nonprofit’s Problems?

 You want to improve the processes of budgeting, forecasting, and fundraising for your nonprofit; however, you are having a hard time identifying problems and solutions.  Data analytics can help. This type of business intelligence is already considered indispensable...

read more
6 Ways to Reduce IT Costs

6 Ways to Reduce IT Costs

Your business is always looking to reduce costs. Looking at the information technology budget line items is headache-inducing. So much money spent in one area, and there’s so little you can do about it! But is that really true? IT expenses may not be as fixed as you...

read more