Web Security 101- Here’s How to Keep Your Site Safe From Hackers

There is a hacker attack every 39 seconds. It’s never been easier for hackers to access your information online, which is why it’s never been more important to have tight web security on your side.

Implementing the right web security tactics is vital to ensure you won’t have your identity stolen or your site taken over. Fortunately, there are a number of strategies you can start today to make your computer a little safer. Read on to learn some important tips about web security.

Keep Your Software Updated for Optimal Web Security

We know, we know….that little update notification is so annoying. However, that little update can be the primary thing protecting you from hackers. This is especially the case if you find yourself using third-party software on your websites like WordPress or Umbraco.

If you really have a hard time staying on track of your updates, try using one of the many tools available that will give you an up to date notification when a vulnerability is announced on one of your software components.

Always Keep a Back-Up

This is more as a precaution in case you manage to ignore the rest of the suggestions that follow. In the event that you do get hacked and something goes wrong with your computer, you’re going to wish you had a backup.

Make sure to always keep your data backed up, and this goes for both online and offline. If you find that you have trouble creating the habit just sign up for a cloud-based service that will automatically back up the data for you.

If you have a trustworthy host they should have a back up arranged for you.

Always Choose HTTPS

When it comes to links, HTTPS is your friend. This means you should always be sure that you can see the green https button in your browser bar, especially when you’re going to a site like a bank or an email where you may be handling personal information.

Those five little letters can help determine whether you’re signed in to the real deal, or if you’ve made your way to a hacker based clone. Always check for the green before filling in any important details!

Know What Makes a Good Password

You’re a grown up now and it’s time to graduate from passwords that look like “lastname123”. In fact, the best passwords you can use are the ones you probably won’t remember.

Don’t worry, there are a number of password generators that will provide you with a top-notch password. Some even come with a “keychain” feature that keeps track of which passwords are for which accounts because you really should not be using the same password for every account.

Try an SSL Certificate

Since the summer of 2018, SSL certificates were released as a form of a security check. This basically means that there is a secure transfer of information happening between two parties and it’s not being intercepted in the middle by someplace that it shouldn’t.

If you run an online store or any type of vendor service, it’s wise to invest in an SSL certificate so that shoppers know they’re safe sending money to you. Likewise, you should always check for an SSL certificate before making any kind of online purchase.

Keep Your Directories a Secret

One of the best ways to prevent hackers from accessing your site is to always keep admin directories hidden. This means making it almost impossible for the hacker to find your “admin” folder which allows them to manipulate the script of your site.

You can help keep the directory hidden by renaming or disabling your listings and modifying your websites script so it won’t show up on any search engines.

Don’t Skip the Firewall

This one should seem obvious, and yet many people skip on the firewall altogether. If you’re trying to protect your computer you’re going to need some form of security for it and a firewall does just that.

Your firewall will be able to sort through HTTP traffic, prevent toxic pop-ups, and even detect cross-site scripting and file inclusion. This is a must if you download files from the internet on a regular basis.

Never Trust an Error Message

While it may look like those error messages are there to protect you, they’re actually a trojan horse. Hackers give minimal errors to computers to allow you to download the “tools to fix it”. These tools are often encrypted with more complicated and damaging viruses.

Only trust error messages that provide ample details and don’t require you to enter any information or download any type of “fix”. Simply save the error messages in your server logs just in case the information is needed later on.

Always Validate

Whether you’re coming or going you should always validate on both sides of the browser. Sometimes the browser can skip over sections and mandatory fields and can send you to dummy sites where you enter in more information than you should.

To be sure, always check for validations (like leaving mandatory fields empty or putting numbers into text boxes). Once it comes back validated you know that you’re in the clear, otherwise you are leaving yourself open to malicious code or scripting.

Upload as Little as Possible

Whether it’s you personally uploading files to your site or your visitors, it’s important to limit the amount of file sharing that happens on your site as much as possible.

Your visitors may not know that they are uploading an infected file, but it’s just like passing around a cold you didn’t know you had. Your best bet is to keep your hands clean and not touch anyone, to begin with!

Start With a Strong Foundation

Strong web security starts as early as when you choose who to host your site with. Choosing a host who cares just as much about protecting your site as you do is key, which is why you’ll want to look for features like sitelock to keep your site safe and sound.