Whether your website is brand new or an old stand-by that you have had for years it is extremely important that it is secure from possible attacks. We’ve all heard horror stories about hacked websites from friends and colleagues. What can be done to make sure that doesn’t happen to your site? Surely your web host has your back? Right? Maybe, but often necessary security measures and backups are add-ons that many users don’t realize they need until too late.

What type of security do you need?

To start its always a good idea to employ multiple levels of security on your website. With multiple levels of protection if one layer fails the additional layers will be there protect your site from attack. A good analogy here is home security. Having a door on your house prevents random people from simply walking in. Having a lock on that door prevents people from opening that door and entering. Having a fence might keep people out of your yard and away from your door altogether. Finally, if these aren’t enough to protect your home you may choose to install an alarm system that alerts you when someone is attempting to enter your home.

SSL Certificates

The most basic form of security that every site should have is an SSL certificate. These certificates are what allows your site to use the https protocol that is now a prerequisite for good SEO. An SSL certificate protects the information that is transmitted to and from your site in the web browser and are a must for all sites especially those with forms or e-commerce.  If your host offers it, services like Let’s Encrypt issues free certificates. Paid certificates can be purchased from Namecheap or GoDaddy. Paid certificates can cost as little as $15 a year and go up from there depending on the amount of traffic, connections and insurance your business needs. All sites hosted on Glacier Media Digital’s hosting and maintenance plan include an SSL certificate at no extra cost.

Firewalls

Next, your hosting account should have a firewall. Most hosts offer firewalls and some include them in their packages, however many do not include them in their basic plans. Instead, they are an a la carte add-on. Adding this to your account can cost as little as $10 per month but again costs can rise depending on the level of protection you need. All sites hosted on Glacier Media Digital’s hosting and maintenance plan include a firewall at no extra cost.

The next layer in your website security is a web application firewall (WAF). This is a firewall that protects your application itself. In the case of WordPress websites, WordPress is the application. Several plugins can cover your WAF needs, many of which also offer threat detection, password hardening, and other security features. The most popular of these are iThemes Security and Wordfence. Each has great features and there are many comparison posts across the net that can help you decide which plugin is best for you. All sites made by Glacier Media Digital have a WAF installed on launch.

Finally, you must keep your WordPress, Themes, and Plugins up to date. To learn more about updates and backups check out our three-part series on Backups and Updates here.

Speaking of updates…

Does your host do updates for you? Are they stored in a safe location? Just like with web security it is important to have multiple levels of backups. While back up plugins are a great option its always a good idea to get your host to perform regular backups of your server and store them safely so that you can roll back to a previous version if something goes wrong with your site’s backup plugin.

If all of this seems a bit too daunting Glacier Media Digital also offers Hosting & Maintenance packages. Contact us or your sales rep to find out more.