Just how you secure your car or house with alarms and locks, the same needs to be done on your website. Securing your site not only lets you rest easy at the end of the day, but it also helps boost SEO credibility with Google and helps gain trust from people visiting your website with the little green lock in the URL.
Step #1: Use HTTPS (SSL Certificate)
An SSL Certificate is short for Secure Socket Layer, which encrypts a secure connection between the visitor and the server on which the website is hosted on. Purchasing an SSL for your website is a MUST for any serious business. For a bottom tier SSL, they usually cost $70 per year depending on where you purchase it from. There are different levels of SSL Certificates such as Domain Validated (DV), Organizationally Validated (OV), Extended Validation (EV). Each for a specific kind of businesses that need to stay in compliance with regulations and needs that extra layer of security.
As Norton describes it “This authentication process is much like sealing a letter in an envelope before sending it through the mail.”
An SSL certificate helps secure information such as:
- Login credentials
- Credit card transactions or bank account information
- Personally identifiable information — such as full name, address, date of birth, or telephone number
- Proprietary information
- Legal documents and contracts
- Medical records
Google Chrome announced earlier this year that any website that is not switched from HTTP to HTTPS (a secured site) will say “Not Secure” in the site URL. Google says that they are striving to make users more aware of website security.
Step #2: Keep your website platform and software up-to-date
When building your WordPress website, new users often get excited when they find out about the thousands of Plugins available to them. Plugins are applications that can be added to your website. Everything from Security, Builder Tools, Social Media Integrations and other miscellaneous website features. I recommend only installing Plugins that are necessary for your website in the beginning for a few reasons.
First, it’s important to remember that when you install and activate a Plugin it adds to the backend code of your website. Adding too many Plugins, especially if you’re unfamiliar with them, can break the website or slow it down. When you set up your new WP site, try WP Rollback. I’ll admit this has saved me a time or two. WP Rollback “rolls back” a Plugin to a previous version that you choose and allows you to preview the website before you click “Rollback”.
Step #3: Make sure your passwords are secure
I’d recommended changing your password at least once a quarter and use LastPass to keep track of your passwords.
Here are some tips on Creating Strong Passwords
- Never use personal information such as your name, birthday, user name, or email address.
- Use a longer password. Your password should be at least six characters long, although for extra security it should be even longer.
- Don’t use the same password for each account. If someone discovers your password for one account, all of your other accounts will be vulnerable.
- Try to include numbers, symbols, and both uppercase and lowercase letters.