When you’ve gone to the considerable time and expense of creating, designing and writing a website, and then spent endless hours optimising the site so it appears in the search engine rankings, the last thing you want is for some faceless entity to hack your site. But that, unfortunately, is a very real possibility. Without putting the necessary protection in place to stay secure online, all that hard work could go to waste.
The very real risk of website hacking
You might think of computer hacking as something on the scale of the attack that crippled the NHS during the last few weeks, or hacks of multinationals that target sensitive data, but the truth is that most hacks take place on a much smaller scale. You might not think your website has anything of value for website hackers, but thousands of attacks are launched on websites just like yours every day. These attacks attempt to use your server as an email relay for spam, to set up a temporary web server or build links to illicit websites.
Such hacks are regularly performed by automated scripts written to exploit known security issues in software. Overnight, they can turn your once reputable, traffic generating website into a site that’s blacklisted by Google. A hack can be fixed, but it’s a time-consuming process that could cost you thousands in lost business. Instead, it’s much easier to stay secure online and prevent hacking in the first instance.
How to prevent hacking
Fortunately, there are a number of relatively simple steps you can take to prevent hacking and protect your site. These are our top tips for website owners...
1. Keep your software up to date
It may seem obvious, but when you’re flat out running a business, the basics like keeping your software up to date can spend too long on your to-do list. Keeping all software up to date is vital to preventing hacking and staying secure online. This applies both to the server operating system and to any software you may be running on your website. If you are using a managed hosting solution then you don’t need to worry too much about security updates for the operating system as they will be done for you, but you may still need to keep your applications up to date, such as WordPress, along with any plugins or themes that you may have installed.
2. Use strong, encrypted passwords
We all know we should use complex passwords to prevent hacking, but not everyone’s idea of a complex password is quite the same thing. Using strong passwords for your server and website area is absolutely essential. You should also make sure everyone who has access to these passwords protects the security of their accounts.
It's possible to generate a strong password that you can remember, too. You just have to think of a strategy. Try coming up with a sentence that's personal to you. For instance, My Son Jack Was Born in 1992 could translate into the password MsJwBi1992! - all we've done here is taken the first letter from each word, the year and added a symbol on the end. And voila, a password that's strong, personal and much easier to remember than a completely random sequence of letters and numbers.
It goes without saying that passwords should always be stored as encrypted values. That'll usually be automatically handled in most 3rd party applications, but is something to bear in mind if you're coding from scratch. Finally, an SSL certificate should always be used to encrypt the transmission of passwords and other sensitive data on login forms. At Kualo we provide free SSL certificates with our hosting plans, so basic encryption won't cost you a penny.
3. Put website security and malware scanning in place
Most website owners think of security as an expense they can do without; it’s not until their site gets hacked and they go 6 months without generating a single online lead that they realise just how devastating a hack can be. Website security and malware scanning software protects a site by scanning it for vulnerabilities and advising how to resolve any issues it finds. This removes any weaknesses before they can be exploited.
Vulnerability and malware scanning should to be an integral part of any hosting service. That's why at Kualo we integrated the Patchman vulnerability and malware scanner on our servers. Patchman scans some of the most popular web applications for out-dated applications, vulnerabilities, and malware. It's purpose is to scan your site and fix any known vulnerabilities it finds without damaging your site. We additionally offer SiteLock as an additional tool to help protect your site, which also includes a badge so you can let your visitors know that your site is safe.
4. Backup your data
Your website data is incredibly valuable, so it makes sense to find a backup service you can rely on. As well as creating a daily backup of your data, a good service will also monitor your site and notify you when any changes were made and what was added, modified or deleted. You can then restore your website to any previous backup version to make sure no important data is lost.
At Kualo we provide free daily backups with all hosting plans, which allows you to restore your whole account at any time from 30 restore points. You can additionally add off-network backups with CodeGuard, which will keep you apprised of any changes too.
As a website owner, the thought of a hack can be terrifying, but these are the simple website security measures you can put in place to stay secure online and prevent a hack.
By hosting your website with Kualo, you have already significantly decreased the risk of hacking. In addition to Patchman malware scanner, which has prevented a thousands of websites from being hacked, we also have a whole host of other technology that works in the background on our servers to help keep your sites safe and secure.
If you're not hosting with Kualo but have had problems with hacked websites - why not take a look at one of our hosting plans - we'd love to welcome you!