Many hacked websites go weeks, months or even years unnoticed, and most website owners only find out that they’d been compromised when they get a notification from their web hosting provider. Unless a hacker wants to get caught, you’ll find that most will try to remain undetected for as long as possible. Personally, I’ve found that the most dangerous hacks are the ones that do not affect typical website behavior or company email.
Many people assume that because their website is hosted on a secure server that the website is also secure, but that is often not the case. It all boils down to the way that the website is built, no matter how secure your server is, if your code is out of date, or just plain sloppy, there’s a good chance that you could have vulnerabilities in your website, and possibly get hacked. The simple fact of the matter is that many clients are under the impression that when their website was tested and launched, that it’s set and only needs updating when you want to make changes. This couldn’t be further from the truth. Your website needs to be maintained, not only for the sake of keeping fresh content to continue to build visitor loyalty, but also to make sure that your site’s framework remains up to date, and any vulnerabilities are patched and secured.
Fortunately for you, the popularity of these platforms has opened a new industry of developers that have been able to build entire businesses on supporting, developing, and creating new and exciting ways to easily secure and maintain your website.
Many website hacks go weeks, months or even years unnoticed.
1) Planning ahead will save your sanity
As the old adage goes, “the best offense is a good defense”. Those same principles apply when planning the development of your website. I can’t stress enough how important it is to find and retain a reputable web designer.
The best approach to security would be to start at the inception of your website. Ideally your web developer should utilize a framework that takes advantage of “child themes”, or templates, allowing you to safely design and develop your website while effectively keeping the functionality separate from the design.
If you are uncomfortable updating your website, then it might not be bad idea to make sure that you retain a professional web developer that can assist you. Personally, I would be wary of any developers that would expect to be taken seriously and professionally without ensuring that they are being compensated fairly, meaning that if you are spending $2- $300 on your website then it is quite possible that your developer is cutting corners and not giving you a great quality, long-lasting website. Investing a little research and money on a proper web developer will ensure that your website becomes an effective tool in your business’ marketing arsenal for years to come.
Web templates, plug-ins, software, support, etc. are all services and products that cost money. We all know that there are ways to obtain those templates and plug-ins without paying for them. But, you’re not just paying for the software, but you’re also supporting a developer and in turn, you’ll most likely receive product support and updates, a feature that isn’t an option if you steal the software.
Not to mention, that those same people sharing stolen files illegally may also have ulterior motives, such as leaving a back door open for them to come back to your site and do as they wish, whenever they please.
2) Backup Your Website Regularly
Having at least a copy of your entire finished website can save you thousands in the event that anything ever happens.
We have a saying around development circles,” save early and save often”, and this couldn’t be more relevant than when your website is involved. Many web hosts provide easy ways to back up your website. cPanel, the most popular web hosting interface, provides one-click backups with a very easy to use backup wizard. The backup wizard prompts you for options, allowing you to selectively backup portions of your websites, databases, or create a complete backup.
Although we are addressing site security, there are so very many obvious reasons to maintain a backup of the site that stem beyond security.
Most decent web developers will provide you with a backup of your site when they launch your site, and typically will have one available should you need one down the road. This very simple task can save your company hours and days (possibly months) of frustration, down time, and productivity.
3) Keep your website healthy the easy way with updates
The most popular content management systems today provide site owners with the ability to easily update scripts, modules, plug-ins, etc.. Often you will find that content management system will offer you the ability to update their entire framework easily with just a few quick clicks.
**Although these systems may seem straightforward, it is important to make sure that you at least have a backup of your website before running an automated update, especially if you have any custom work done on the website or your code, as it is possible to accidentally overwrite any customizations your developer may have made to your website.
4) A layer of security never hurt anybody
These services provide you with numerous different options for actively monitoring and protecting the website, including:
- Web Application Firewall
- Routine Backups
- Vulnerability Scanning
- Automatic Fixes
- Brute Force Protection
and many other layers of protection to help keep your website safe.
Personally I prefer 6scan because of its automated fixes and manual fix suggestions, but there are plenty of options available with prices starting at free. There really isn’t any reason why you should not have this installed on your website, if not your entire server.
5) Become a regular visitor to your website
Actively visit your site! I know it seems very simple but often we find that website owners go weeks or months without knowing their site had been hacked simply because they haven’t visited recently.
The longer your site goes untouched, the more inviting it is to hackers looking for an easy target. Just going into your site regularly, always lets you know it’s online, and having frequent inspection gives you the opportunity to review your site from time to time and help you take notice of what improvements and revisions you can make.
Keep your site updated, spruce your text up from time to time, make regular changes, add new pictures.. Try to keep things fresh and you’ll find that it will keep your visitors interested, and keep them returning to your site.
After all, no matter how good your website looks people don’t need to see the same content more than a few times, no matter how great it is.
6) Don’t be afraid to ask for help!
At the end of the day, I realize that many website owners, even with the proper precautions are still very uncomfortable with making any changes to their website. That’s not a problem, I wouldn’t cut my own hair. We all have our own proficiencies, and sometimes, things are better left to the professionals. It’s not uncommon to retain a professional that will be available assist you with ongoing website maintenance that your business requires.
Our company, Design Dish, offers the Overlord service with basic monthly maintenance packages starting as low as $19.99 a month, and I’m sure that there are other developers out there that also offer similar, yet probably not as awesome, packages.
While there are many other important things to keep an eye on when you’re building your website, these are some of the main things to look out for when trying to protect your investment in your web presence.
At the end of the day, having your website hacked be an expensive and embarrassing experience, making your company appear unprofessional, unprepared, and outdated. We hope that these six simple steps will help you safeguard your web presence and keep you online for years to come.