Setting Up Minimal Viable Security
What is the minimum that a web owner or administrator should consider for the security of their site and the content? This is a question lots of people wonder about. They typically do not take any action until they have been compromised. Then it is too late. Setting up minimal viable security is actually quite simple, it just takes a little effort on a regular basis depending on the size and complexity of your site.
Always use a content management system. They will help you to be much more efficient and consistent with the design of your sit. WordPress is a very popular site that many web owners use. Always keep it and the templates you use up to date to protect from any vulnerabilities and hacking attempts.
What Other Things are Needed for Setting Up Minimal Viable Security
Choose Your Host Provider
Your host provider should have good account isolation between your account and anyone else who is on a shared server. If not, a hacker who gets into another site can easily migrate to your site and compromise it. There are lots of hosting providers. Choose one that has been in business for some time and one that has a good record.
Keep Your Content Management System Up To Date
Always update your CMS (WordPress), themes, and plugins as soon as they are available. Updates will include bug fixes. Updates plug vulnerabilities. New updates add new features. Always use a reliable source for any themes or plugins that are employed on your site.
Use Strong Passwords
Use a password generator to generate your passwords. They will be strong and more difficult to break using blunt force attack approaches. Always use caps, lower case, numbers, and special characters. Keep your passwords unique across various sites and applications to provide added security.
Delete Old Account Names
If you had a guest account or an account for a writer that is no longer doing work for you, remove the account. Only provide access to trusted resources with limited functionality.
Avoid using Default Account Names
Most content management systems including WordPress use the default account name, Admin. Everyone knows this and it is one less thing the blunt force hackers have to try to figure out if you are still using this account name, Change the name before you begin adding a lot of content. Rename your account name now if you are still using Admin.
Use Automatic Updates
If you maintain many sites, you will appreciate the time-saving nature of this suggestion. Also, it means that if an update is provided to plug a hole, your site will be updated quickly before anyone has a chance to break into it.
Install Firewalls and Malware Scan
Wordfence is one that provides both a free version as well as a paid subscription with more features. These systems will scan IP’s coming to your site. They monitor their activity. These systems will lock them out if they are suspected of nefarious activity. There are literally millions of attempted hacks every day. These systems are constantly updated to catch the latest techniques and block them.
This may seem a lot to cover for Setting Up Minimal Viable Security, however, in today’s world it appears that this is what we need to do to protect ourselves. For more information on cybersecurity and protecting your content, click here.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply