Hackers Gonna Hack: 5 Ways to Bolster Your Website Security
Failing to protect your website from hackers on the server side is like running naked into the street with your social security number tattooed across your backside. It’s even less pretty when this exposes your customers' data too. Small businesses must make website security a major priority as much as any Fortune 500 company does. If you’re working with Optuno on your website, we’ve put some pretty tough security elements on your side—but instead of just trusting us, you need to know what’s behind the curtain yourself:
1. Secure Socket Layers (SSL)
You know if a website is using SSL if there’s a little padlock icon next to its URL, which should start with https:// rather than just http:// (“s” for “secure”). These extra layers of protection secure your customers’ information by installing several layers of encryption to stymie hackers. The stronger your SSL, the better—we use SSL on your Optuno website.
2. Brute Force Protection
Optuno’s Brute Force Protection prevents hackers guessing your password to break in—you get to customize how you want it to work. You can choose how many attempts someone has to input passwords before they’re banned, how long you want the ban to last, IP addresses to ban, etc. On your end of the content management system, simply click “Add New Protection Rule” to create stronger rules and view the “Brute Force Log” so you can see which IP addresses have been trying to sneak in the back way. Check this on a regular basis.
Don’t be caught without a daily backup if hackers strike (or some other system apocalypse). Also, store daily backups securely in an offsite location for extra protection. Set backups to happen automatically every day so nobody accidently forgets to do it. Test the backups on a regular basis to make sure they’re working. Then, if the worst happens, you’ll be ready. And the good news for those of you using Optuno's web developing services: we back your website up twice a day, every day, in a secure off-site location.
4. Regular Server Maintenance
Constant vigilance! Keeping all the software that connects to your website updated is a crucial way to protect security on the server end. As hackers continue to search for and exploit weaknesses in previous iterations of your software packages, developers on your side (here at Optuno) are also constantly working to bolster security. Regular maintenance and updates are essential to keeping the bad guys out.
5. Secure Passwords
We desperately hope that none of you ever use “password” as your password anywhere—and certainly not for anything you do with your business website—and especially not for FICMS. Follow this advice from our “white hat hackers” (good guys who try to find website vulnerabilities before the bad guys do) to come up with a tough password you'll actually remember:
- Think of a sentence you will remember: “I hate eating grilled cheese sandwiches on the beach.” (The longer the better)
- Break that down into an acronym: “Ihegcsotb” That gives you at least one capital letter.
- Capitalize at least one of the other letters, switch one of the letters out with a special character, and switch another one out with a number, like so: “IhegC$0tb.”
Avoid using any word you can find in the dictionary or that’s obvious like a birthday or someone’s name.
By knowing some basic website security techniques on the server side, you’ll be more educated on ways to keep your website, your customers and your business out of the hands of hackers. Let us know if you need help or have questions!
April 7, 2017