Website security is more important than ever with more hackers & scammers using all kinds of dangerous methods to steal data, redirect website traffic too dangerous websites or even break them which can ruin businesses. Fortunately, there are a countless number of measures you can take to fully properly yourself regardless of whether you have a one-page website or a 400 page eCommerce website.
The most simple thing you can do is make sure your website was built by a reputable company as poorly written code can pose a massive security risk by allowing scammers to steal data or inject dangerous code. It doesn't matter how much other security you apply to your website if the code uses old deprecated methods and is poorly written it will never be secure.
This generally only applies to content management sites and eCommerce websites.
Another simple measure you can take is by purchasing something called an SSL certificate, it stands for 'Secure Socket Layer' and encrypts any data that is sent from the server. In layman’s terms, it provides the green padlock with HTTPS you see at the top.
When you fill out a form and press send, the data is secured with an encryption and no one can access it other than the server the website is on.
As a plus SSL certificates are also a ranking factor for Google, sites with them generally are seen as more legitimate and as such Google prioritises them above non-secure sites not to forget the more professional look.
There are multiple different types of SSL available but your hosting provider should be able to inform you in more detail about these and which one is best suited to your website.
If your website uses something called a CMS or 'Content Management System' (somewhere to log in and make changes) then make sure you use a strong password using alphanumeric & special characters to make as hard as possible for people to gain access. For example 'simple' may become '$imP!e' as this is much harder to guess.
Again make sure to not use this elsewhere, keep all your password unique and change them every few months. Avoid writing them down or storing them in an obvious file on your PC or laptop.
Do you have a contact form on your website? Let's say you do, does it have a captcha of any kind?
A captcha is something which only humans can complete, it may say 'repeat the numbers and letters shown in the above box'.
Not having one opens your email inbox to spam, we recommend Google's reCaptcha as it's incredibly secure and easy to complete if it's your first time on the website.
If it's not your first visit Google's reCaptcha will ask you to tick boxes or complete some other kind of verification to avoid spam.
Again if your website utilises some kind of user based area either account or comments section, ensure you use a captcha to stop spam accounts from being created or advertisements in the comments section.
If you are unsure about any of the above or would like to know more HWS would be happy to assist you, email us at firstname.lastname@example.org or call now on 01423 313230.