Keep your site secure from hacker bots
If your small business relies on its website for new leads, having a Website Security Action Plan is essential.
Bots online specialise in identifying weak sites and pirating their audience. Those hacked websites have all their links redirected with malicious code to dangerous online spaces. This could affect both your immediate traffic, but especially your brand reputation. Google blacklists tens of thousands of websites every day, effectively wiping out all organic traffic to those affected sites.
The threat increases drastically as soon as the sites are not properly maintained and can mean serious consequences, especially to small businesses. Rebuilding after a breach is difficult, this is why we encourage you to protect your website.
There is a large surface area on your website which hacking bots can attack. Squarespace, WordPress and other content management systems have plugins and themes—built by a myriad of third party sources—easy to install but full of code that ages quickly. Outdated software are the prime targets from malware.
Security patching regularly is essential, and changing plugins when they are no longer followed up by their developers is a must. The average number of plugins on a WordPress site varies. Most small businesses that come to us have about 20 to 30, which means that many potential security risks. No website is 100% secure, this is why having a plan that includes regular backups is important.
We offer a wide range of customised strategies for website security maintenance and can help you update your software and manage your site for you.
We can put in place the following good practices for you:
- Host your website on a secure managed server.
- Assess your plugins. Do you need them? Are they being regularly maintained by the developer? Are they up to date?
- Update all website software, including WordPress, plugins, and the theme. Not forgetting to update your PHP (carefully) as well.
- Remove any unused plugins and themes to reduce maintenance overheads (and speed up your website).
- Have a regular backup plan that includes storing a copy of your website files and database somewhere else, additional to storage on your web hosting server.
- Add fine-tuning website security plugins, like Wordfence.
- Ensure that your website has a valid SSL certificate, a padlock in the address bar of your browser, and your website address starts with “https” rather than “http”.
- Add Google ReCAPTCHA to your contact forms—it’s a free service that makes it difficult for bots to fill out your forms.
- Use Cloudflare to make it more resource intensive and costly for perpetrators to deploy hacking bots.