Even if you are convinced that no one is going to hack your website, because it does not contain any secret or valuable information, this does not mean it is impossible. Did you know that according to a recent study done by Sucuri 83% of the hacked websites in 2017 were WordPress based? A breakthrough in your platform does not necessarily mean that the perpetrators will steal your sensitive information, but there is a big probability that they would use your server to flood users with spam messages and emails.

Now, let’s take a closer look at some of the most popular tips and tricks that you can implement to make your website less vulnerable and more secure for both – your personal use and your clients’.

 

1. Make updates a tradition

It’s not just about updating your platform, but also about updating any script, code, software, or extension you’ve installed on it and are currently using. Hackers work hard to find the weakest system spots. And outdated software platforms seem quite tempting for them because they make room for malware action.

 

2. SSL certificate must be ON

The SSL certificate is a key element of the website security and a safer Internet surfing. It encrypts and protects the information that is being exchanged over the worldwide web. It makes sure that your personal data reaches its final destination intact. You can easily check if your website has an SSL certificate by simply looking at the URL. If it starts with HTTPS and not HTTP, then your website is OK (secure). Even for Google. The Internet giant announced that from now on it will prioritize HTTPS websites in SERP (search engine results page). You can find more information on this topic in our blog article we wrote earlier and gives you the 4 main reasons why you need an SSL certificate.

*Useful: 20 Less Known factors for Better Google Ranking

 

3. Forget about easy passwords

Nobody likes to come up with, memorize, and enter complicated passwords. However, easy and short ones are an open book for hackers that in the 21st century are armed with specialized software exactly for such purposes. Therefore, if you want higher website security, it is extremely important to implement a strict password policy. Apply it not only to the passwords you use for web administration and support but also for the ones that your users use to log in. What is the perfect anti-hacker password?

• At least 10 characters long
• Contains uppercase and lowercase letters
• Includes at least one special character
• Contains digits
• Does not match your username, domain, email, etc.
• Does not contain consecutive digits or letters
• Does not match other passwords of yours
• Is changed frequently

 

4. Backups are your best friend

Backing up your website is not just an effective defense wall against hackers. In fact, it is the only automatic tool you can use to restore your website in case a problem occurs. You will be grateful for the existence of backups in the event of a system crash, bugs, data loss, virus, malware, an update that failed completely, or an unintended mistake done by your web administrator or support team. Reasons are endless, but at the same time backing up your website regularly is not costly or time-consuming at all. On the contrary, it will save you time and money. Just imagine if you were to rebuild your website or restore it manually from scratch.

 

5. Scan your systems

In general, we are quite busy with website search engines optimization, link building, updating and adding new blog content, providing excellent customer service, and so on. But we should not forget to keep an eye on and improve its security. It is advisable that you perform regular system scans to detect potential threats and attacks. You can use online tools for this purpose like ScanMyServer, SUCURI, or hire a specialist to do a professional analysis for you and advise you what steps should be made for better web security.

 

6.One website – one server

Yes, it is much more practical and inexpensive to host multiple sites on a single server. Experts, however, say that this is the far less safe option. They recommend (if possible) having just one Content Management System (CMS) such as WordPress per server. Why? Because if there is a breach in one of the websites on the server, the rest may be affected too. The problem becomes particularly big if one of them is an online shop where your store customers’ data and their orders history.

How about you? What tips and tricks do you use to make your website hacker-proof? Share in the comment section below or email us at info@speedflow.bg in case you need to improve your website security.

If you have a website then you must have heard about SSL certificates. But if you haven’t or do not have one installed on your website, we will give you 4 reasons why you need to do this ASAP. But firstly:

 

What is an SSL certificate?

The SSL certificate (Secure Sockets Layer) is the backbone of secure web browsing and information sharing over the internet. This specialized technology encrypts information and ensures that the connection between two sides – the client and the server, is completely safe.

 

Side 1: The Client (user) – the browser you are using and the request you are making when visiting a website.

Side 2: The Server (website) – the server on which the website is hosted.

 

*You need to check if your SSL certificate is installed on both your website and the C panel. There are some cases where this is not set by default.

Thanks to SSL certificates all sensitive information and personal data that are being sent from one computer to another over the internet are protected from unauthorized access and fraud attacks. This is extremely important because when information is shared online, it goes from one computer to a server, from that server to yet another computer and so on until it reaches its recipient. If you don’t have an SSL certificate, there is a great chance your data will be accessed and used by third parties before reaching the final destination.

 

How to check if a website has an SSL certificate?

The quickest and easiest way to do that is by simply looking at the URL structure of the website. If it begins with the prefix “HTTPS”, it means it does have an SSL certificate if it begins with the standard “HTTP” – it does not.

Example:

 

Why do I need an SSL certificate?

 

1. Protection against data theft

It is true that having just an SSL certificate on your website will not provide complete protection against all types of information theft, be it hacker attacks, viruses, system violations, misuse, etc. But this protocol is one of the most important tools for making the internet a more secure space for information processing. It not only encrypts data but also ensures its integrity until it reaches the right server, not a fraudster’s one. That is why it is essential to get your SSL certificate from a well-known provider.

Where can I buy my SSL certificate from?

You have two options. The first one is to buy SSL from your hosting company. The second option is to get it from a renown provider like:

• Let’s Encrypt
• IdenTrust
• Comodo Essential
• RapidSSL
• GeoTrust

 

2. A must for online payments

No eCommerce website would exist if there is no way for costumers to pay for the purchased goods/service and that includes online payments. If you want your website to accept any type of online payments (credit and debit cards, virtual POS terminals, PayPal, etc.), there are certain security conditions you must comply with. Having an SSL certificate is one of them.

 

3. A way to make clients trust you

Every country has enforced laws regarding information integrity and personal data protection. In today’s digital era the need for adapting those rules and creating international regulations becomes more and more necessary. As most of you may know by now, in May this year the new regulation for personal data protection (GDPR), initiated and accepted by the European Commission, came into force. The main purpose of this directive is to protect individuals living in the European Union with regards to the way their personal data is being used and processed.

We live in times where the number of identity thefts has reached their peak. That is why most people put a high priority on the protection of their personal data. A website with SSL instills a sense of security in its users. Did you know that according to a research done by Search Engine Land 84% of interviewees would abandon a purchase if they see that their data is being sent over an insecure connection, which will inevitably have a negative effect on sales? And you would not want that, right?

 

4. Google’s favorite

Back in 2014 Google introduced their “HTTPS Everywhere” campaign with the idea to make the internet a safer place for users and the information they share. Since then the campaign has been updated several times. The latest change was introduced this month. From now on Google Chrome, Google’s web browser, will notify the users if a website has an SSL certificate or not by marking it as “SECURE” or “NOT SECURE”. Here is how a website looks:

 

With an SSL certificate – Example 1:

 

Example 2:

 

Example 3: Without an SSL certificate, when you do NOT fill in some data

 

 

Example 4: Without an SSL certificate, when you fill in data in a contact form for example

Moreover, Google is giving a push to websites with SSL certificates by ranking them higher in the search engine results page (SERP) compared to those that do not have one. So, if you want to improve your position in Google, work on your website SEO optimization by activating an SSL certificate.

In 2018 50% of organic search results on the first page in Google have an https link, which is, in fact, the highest percentage in history so far. At the same time, 81% of the world’s top websites use an SSL certificate.

 

And you? How and where do you want your website to rank? Is your site secured with an SSL certificate? If you need any help installing it, we at Speedflow Bulgaria can help!