Website Security Tips

There’s a million ways you can increase security and safety for your website. Here, we’ll cover the more basic, one size fits all type of tips that can have the most impact for the least effort.

Username and Password

Never ever use ‘ADMIN’ as a username, and for best password practice, simply string together several words, with couple numbers at the end. It’s exponentially more difficult to guess this way.

Hide WordPress Login URL

If you use WordPress, like the majority of website owners do, a fix as simple as moving or renaming your admin login page can spare you from the first wave of typical assault. We recommend using the plugin named “WPS Hide Login” which is really just a swift permalink change, but will keep attackers guessing, or make them give up and move on. Here’s the WordPress Plugin Repository Link for this plugin – WPS HIDE LOGIN

Adding SSL

As detailed in our FAQ, SSL can be an easy addition to your website and hosting package to eliminate one avenue of attack. SSL encrypts the transmission of data from server to user using an encryption key that only the server and visitor will have. This means no attacking party can tap into the transmission line at any point to intercept and read plain text data like passwords or credit card numbers.

SSL is a must on any ECommerce site, and is quickly becoming an ideal option for ANY site. Google has also noted that it’s placing extra ranking juice on sites with SSL certificates as it shows a positive motion towards a safer and better web.

WordPress Post Name

There’s a big security risk in having your login name exposed on your blog posts or pages in WordPress. If you’d like to avoid giving attackers half of the information they’d need for a brute force attack, be sure to go to your profile in your WordPress installation, then scroll down to the username section. Here you will see that your username is NOT modifiable, but you CAN add a first name. Add a first name that is different from your username, and something you would be okay with having visible in the front end (For example “Post created by “suchandsuch”). Then go to the “Display name publicly as” field, and choose the ‘first name’ as entered above. Save your changes and be proud that you’ve taken one more step towards securing your WordPress Install.