3 ways to make your website more secure

Hosting concept with padlock

With hackers and online criminals always looking to exploit vulnerabilities in websites – its never been more important to keep on top of your IT security. To keep your website secure, you need multiple-layers of security in place to help defend against any online attacks.

Here are 3 must-have security measures to help make your website more secure.

1. Get an SSL certificate

There are plenty of opportunities to connect to Wi-Fi networks when you’re on the go these days. But even if a Wi-Fi network has a password, that doesn’t keep you safe from other people connected to the same network. It’s easy for any of them to see what you’re doing and potentially steal critical information. You need to make sure that your website is secure for browsers and to do that you need to set up an HTTPS connection.

What is HTTPS?

Hypertext Transfer Protocol Secure (HTTPS) allows users to browse your website securely. It encrypts the data as it travels between the user’s computer or mobile device and your website, making it useless to hackers if they intercept it. This is particularly important for websites containing customer data and eCommerce sites, where money and sensitive data are frequently transferred.

To create an HTTPS connection, a web server requires a Secure Socket Layer (SSL) Certificate.

How do I know if a website has an SSL certificate?

You can tell if a website has an SSL certificate installed by checking that the URL starts https:// and there is a padlock. These are both signs that the data will be encrypted, so users should tread carefully when using sites that don’t have that symbol.

What if I don’t secure my website with SSL?

If a user connects to your website via an insecure network, critical information such as account passwords or personal data could be picked up by criminals.

If data is hacked via your insecure network, you could be held responsible. An SSL certificate not only protects your customers’ data but also helps to maintain your customers’ trust and safeguard your reputation.

Can having an SSL certificate improve my search ranking?

Google recognises the importance of online security and, in their efforts to make the internet more secure, they encourage all websites to create a HTTPS connection. They have even started using SSL as one of their ranking factors. So not only does a HTTPS connection make your website more secure, but it can also have a positive impact on your SEO performance.

A redirect can also be set up so that visitors visiting your previous URL (starting http://) will be automatically redirected to your new secure URL (https://).

How do I set up an SSL certificate on my website?

You need to purchase an SSL certificate from a certified authority and install it on the server. The certificate is normally valid for a year and needs to be renewed annually. Alternatively, speak to your hosting provider to find out if this is a service that they offer.

All Oxford Web website packages come with an SSL certificate installed as standard.

2. Stay on top of your web security updates

Security updates are crucial for keeping your website secure. Just as you’d be unwise not to fix a broken window at home, failing to keep your website security updated makes you easy prey for criminals.

What are web security updates?

Security updates fix vulnerabilities in systems, preventing your website from being exploited by hackers, who are continually searching for weaknesses to exploit. Security updates ‘patch’ up these vulnerabilities keeping your systems secure.

How do I check if I have any security updates?

Monitor your security updates by checking your content management system (CMS) dashboard. Most CMSs, such as WordPress, display the updates ready for download. 

  • Check if your website is backed-up as part of your hosting package. This means that you will have a recent version of your website to go back to should your website get hacked.
  • If your website is more than 5 years old, speak to your hosting provider to make sure that you are receiving the necessary updates and your CMS is still fully supported. It may mean migrating to a newer CMS to ensure your website remains fully secure.
  • If you are unable to keep on top of your web security, it is worth finding a company to manage your security for you.

Oxford Web’s hosting packages include regular back-ups of your website and security updates as standard.

3. Be password savvy

You’ve secured your website with HTTPS, you’re keeping on top of your security updates, your anti-virus is up-to-date and firewalls are in place…don’t fall at the final hurdle. Be smart when it comes to your passwords.

Choose passwords that:

  • are memorable to you only.
  • are over 12 characters long – these are harder for hackers and computer programs to crack.
  • combine different words – random or quirky phrases work well.
  • include one or more special characters – capital letters, an exclamation mark or numbers.
  • are unique – choose a different password for each account you own. Use a password manager to safely store your passwords – it means you only have to remember one master password.

Get in touch!

All Oxford Web websites are built with an SSL certificate installed as standard. If you are interested in finding out more about our website packages, please get in touch.