In order for your website to work as a digital marketing tool, it has to work, period. Keeping your site secure is critical to its marketing performance. Here are our top tips for keeping the bad guys at bay and your website performing smoothly.
Moat around the keep at Portchester Castle – © Steve Daniels
Regular Updates and Maintenance
The single most important step you can take to ensure your website’s security is keeping the underlying code up-to-date. For most of us, this means keeping our CMS system current; updating all plug-ins, modules, and extensions installed; and deleting any of those add-ons that are no longer in use.
Outdated code bases are the number one vulnerability exploited by hackers and malware. Nothing else you do will have as big an impact on your site’s security than how rigorously you maintain it.
At a minimum you should update monthly. If critical security patches become available between updates, those should be installed as quickly as possible. (However, you should be cautious: sometimes patches and updates have their own issues, so it can make sense to delay installing them to see if problems arise and an add-on patch is released.)
If your site is infected for weeks before you realize there’s an issue, any site backups you have may be compromised. Automate the monitoring, if only because you have better things to do …
Speaking of backups, you are backing your site up, right? This should also be automated and you should consider on-server backups for convenience and off-server for added safety. Set your backup systems to keep the 4 or 5 most recent to ensure you can recover anything you might need.
Reputable hosting will likely help your site performance when things are going well, and strong support means you’ll be taking care of if things go wrong.
This is especially important if you are on a shared hosting platform. With other businesses sharing the hosting space, one bad apple could create problems for everyone on the same server. Including you. Reputable hosts will be monitoring for issues like these, which makes the few extra dollars per month worthwhile. If you’re particularly concerned, a VPS (virtual private server) can be a cost-effective alternative to the expense and management hassles of a dedicated server.
The best way to solve problems is to keep them from happening in the first place. That’s exactly what a firewall is meant to do. They are designed to intercept malicious traffic before it ever gets to your Web server.
The most critical applications might require a hardware firewall, but today’s software firewalls are better than ever and an appropriate choice for most small businesses.
Limit the number of people who have administrative access to your website. Set up tiered access so, for example, writers and editors can’t change templates and other settings.
Be sure that everyone has their own access. Shared assess makes it more difficult to pinpoint where problems are coming from.
And don’t forget to remove access for staff members whose roles have changed or who have left your organization.
None of these steps by themselves will keep hackers and malware away from your site. And even together, there is no guarantee that they will keep your site safe 100% of the time. But they will make serious problems much less likely and will keep any problem that does crop up from becoming catastrophic.