With hackers and online criminals always looking to exploit vulnerabilities in websites – its never been more important to keep on top of your IT security. To keep your website secure, you need multiple-layers of security in place to help defend against any online attacks.
Here are 3 must-have security measures to help make your website more secure.
There are plenty of opportunities to connect to Wi-Fi networks when you’re on the go these days. But even if a Wi-Fi network has a password, that doesn’t keep you safe from other people connected to the same network. It’s easy for any of them to see what you’re doing and potentially steal critical information. You need to make sure that your website is secure for browsers and to do that you need to set up an HTTPS connection.
What is HTTPS?
Hypertext Transfer Protocol Secure (HTTPS) allows users to browse your website securely. It encrypts the data as it travels between the user’s computer or mobile device and your website, making it useless to hackers if they intercept it. This is particularly important for websites containing customer data and eCommerce sites, where money and sensitive data are frequently transferred.
To create an HTTPS connection, a web server requires a Secure Socket Layer (SSL) Certificate.
How do I know if a website has an SSL certificate?
You can tell if a website has an SSL certificate installed by checking that the URL starts https:// and there is a padlock. These are both signs that the data will be encrypted, so users should tread carefully when using sites that don’t have that symbol.
What if I don’t secure my website with SSL?
If a user connects to your website via an insecure network, critical information such as account passwords or personal data could be picked up by criminals.
If data is hacked via your insecure network, you could be held responsible. An SSL certificate not only protects your customers’ data but also helps to maintain your customers’ trust and safeguard your reputation.
Can having an SSL certificate improve my search ranking?
Google recognises the importance of online security and, in their efforts to make the internet more secure, they encourage all websites to create a HTTPS connection. They have even started using SSL as one of their ranking factors. So not only does a HTTPS connection make your website more secure, but it can also have a positive impact on your SEO performance.
A redirect can also be set up so that visitors visiting your previous URL (starting http://) will be automatically redirected to your new secure URL (https://).
How do I set up an SSL certificate on my website?
You need to purchase an SSL certificate from a certified authority and install it on the server. The certificate is normally valid for a year and needs to be renewed annually. Alternatively, speak to your hosting provider to find out if this is a service that they offer.
All Oxford Web website packages come with an SSL certificate installed as standard.
Security updates are crucial for keeping your website secure. Just as you’d be unwise not to fix a broken window at home, failing to keep your website security updated makes you easy prey for criminals.
What are web security updates?
Security updates fix vulnerabilities in systems, preventing your website from being exploited by hackers, who are continually searching for weaknesses to exploit. Security updates ‘patch’ up these vulnerabilities keeping your systems secure.
How do I check if I have any security updates?
Monitor your security updates by checking your content management system (CMS) dashboard. Most CMSs, such as WordPress, display the updates ready for download.
Oxford Web’s hosting packages include regular back-ups of your website and security updates as standard.
You’ve secured your website with HTTPS, you’re keeping on top of your security updates, your anti-virus is up-to-date and firewalls are in place…don’t fall at the final hurdle. Be smart when it comes to your passwords.
Choose passwords that: