1. All websites should have an SSL Certificate. This will give your visitors the confidence to shop and use your website securely. Plus, Google will give SEO ranking priority to sites that have an SSL over those that do not. SSL Certificates are available through many website hosts for FREE using Let’s Encrypt, but you still may want to purchase one based on your website needs. Consult a professional for an informed recommendation. Many hosting company support teams will offer you only a paid SSL.
You can tell a site has an SSL Certificate installed when you see the green padlock in the URL address bar on most browsers, and the url will start with “https” and not “http.”
Pro Tip: If you have a certificate installed but are getting mixed error messages and need help figuring out why, run your site through a test at https://www.whynopadlock.com/
Use Secure Logins & Passwords
2. Use secure logins and passwords. If you have a WordPress website, it is important that your login is not “Admin.” That is a well known default login for the quick install options and hackers know this. Most brute force attacks and password guessing schemes use ‘admin’ as the login and try to guess your password to gain access to your site. Always use a personalized login name or your email address and a very secure password.
Pro Tip: Use a password management tool like LastPass to store and keep your longer, more secure passwords. This will help you eliminate that spreadsheet or sheet of paper you keep with 100’s of passwords, and it will allow you to use different passwords everywhere. It is not safe to use the same password on multiple logins online.
Use A Security Plugin
3. Use a security plugin. If you have a WordPress website, there are several security monitoring plugins available. We recommend BlogVault. This is ideal for protecting your site from brute force attacks, malware and hardening core files. In addition, it offers daily backups that helps me quickly restore sites in case of disaster. Get a 20% discount with my affiliate link. Checkout BlogVault
Pro Tip: Backup your site regularly. In the event your site is ever compromised, having a revolving set of backups is essential. We recommend maintaining backups on a server separate from your hosting server. For example, you can add a plugin like UpdraftPlus and set your backups to be stored on your Google Drive or Amazon AWS account. These are easy to retrieve and download in the event you need to restore your website after a hack.