There’s no 100% guaranteed way to keep hackers from getting into your website (other than to NOT have a website). However, there ARE some things you can do to protect your small biz website from being compromised. Here are 6 of them:
- Don’t use ‘Admin’ for a username, especially on WordPress. Think about it: this gives hackers half of your login credentials!
- Choose a secure password (i.e., NOT password123). Check out howsecureismypassword.net [or hsim.pw for short] to see how long it would take a computer to crack your password.
- Invest in a firewall like this one by Sucuri, which supports websites built on any platform and starts at just 10 bucks a month.
- Set up a scanning service. There are some free ones like Nikto or you can get Sucuri’s SiteCheck (starting at just under $17/mo). These both work on all platforms. For WordPress, I personally like and use WordFence, which has an excellent free version, but you can get the premium version for $99/year (or less if you ‘buy in bulk’). Services like these not only detect external things going on that could harm your site, but can also detect vulnerabilities within your site (and its servers) and alert you to them.
- Limit Login Attempts (this one’s specific to WordPress). There are plugins you can install like this one (or if you use WordFence, it’s got a login limit option you can turn on).
- Use a comment spam blocker. There are a lot of free spam blocker plugins available for WordPress; I was using one called Anti-captcha that worked quite well until I wanted to make my site more mobile friendly and it conflicted with the mobile technology I had chosen to use. So I went in search of a solution and found CleanTalk.org for just $8 a year. Akismet is probably the most ‘popular’ spam blocker, but it’s $5/month, so CleanTalk is the better deal and has served me quite well these past couple of years. (Side note: CleanTalk and Akismet both work on any platform and there is a free version of Akismet, but you’re only supposed to use it for personal websites.)
In case you’re wondering, not one of those links is an affiliate link. I’m getting no kickback from anyone and no compensation other than the satisfaction that comes from sharing the things I’ve learned and helping fellow small business professionals in whatever way I can. Smiley face.
This content originally appeared as a Facebook Live broadcast and is now available here and via YouTube video for your replay enjoyment. Tune in Thursdays at 2:30PM EST for more social media and web presence low-down. And coffee!
Has your small business website ever been hacked?
What tools and services did you use to remedy the situation?
What would you like fellow small business professionals to know about web security?
[block id=”3157″ title=”About the Author”]