Small Buisness Web Sites


Setting Up Minimal Viable Security

What is the minimum that a web owner or administrator should consider for security of their site and the content? This is a question lots of people wonder about. They typically do not take any action until they have been compromised in some manner. Then it is too late. Setting up minimal viable security is actually quite simple, it just takes a little effort on a regular basis depending on the size and complexity of your site.

Always use a content management system. They will help you to be much more efficient and consistent with the design of your site and also any updates that are needed across the entire site. WordPress is a very popular site that many web owners use. Always keep it and the templates you use up to date to protect from any vulnerabilities and hacking attempts.

What Other Things are Needed for Setting Up Minimal Viable Security

Choose Your Host Provider

Your host provider should have good account isolation between your account and anyone else who is on a shared server. If not, a hacker who gets into another site can easily migrate to your site and compromise it. There are lots of hosting providers. Choose one that has been in business for some time and one that has a good record.

Keep Your Content Management System Up To Date

Always update your CMS (WordPress), themes and plugins as soon as they are available. Updates will include bug fixes, vulnerabilities that are plugged and new features that may be of interest. Always use a reliable source for any themes or plugins that are employed on your site.

Use Strong Passwords

Use a password generator to generate your passwords. They will be strong and more difficult to break using blunt force attack approaches. Caps, lower case, numbers and special characters should always be used. Keep your passwords unique across various sites and applications to provide added security.

Delete Old Account Names

If you had a guest account or an account for a writer that is no longer doing work for you, remove the account. There should not be old accounts that are lying around that could be exploited. Only provide access to trusted resources with limited functionality.

Avoid using Default Account Names

Most content management systems including WordPress use the default account name, Admin. Everyone knows this and it is one less thing the blunt force hackers have to try to figure out if you are still using this account name, Change the name before you begin adding a lot of content. Rename your account name now if you are still using Admin.

Use Automatic Updates

If you maintain many sites, you will appreciate the time saving nature of this suggestion. Also it means that if an update is provided to plug a hole, your site will be updated quickly before anyone has a chance to break into it.

Install Firewalls and Malware Scan

Wordfence is one that provides both in a free version as well as a paid subscription with more features. These systems will scan IP’s coming to your site, monitor their activity and block them if they are suspected of nefarious activity. There are literally millions of attempted hacks every day and these systems are constantly updated to catch the latest techniques and block them.

The may seem a lot to cover for Setting Up Minimal Viable Security, however in today’s world it appears that this is what we need to do to protect ourselves. For more information on cyber security and protecting your content, click here.


You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

AddThis Social Bookmark Button

Leave a Reply

?>


Web Content Development