Our Blog

Posted by

Dan Gothard

Operations Director

Top 5 website security tips

1. Keep your software up-to-date

This is especially important if you are using an open source CMS, but is equally important with any software. If new releases of your CMS are available, they probably contain security fixes for new vulnerabilities. If you aren’t up-to-date, someone may try to hack your website.

Don’t just think about your CMS though, are you also using a blog or any plug-ins? These also need to be kept updated, as these are often the cause of security issues. Bespoke code written by inexperienced developers can often be the cause of major security holes that you are completely unaware of until they become a major embarrassment.

2. Your security is only as strong as your password

Avoid using real/dictionary words as a password. Try to include numbers or non-alphabet characters in your passwords where possible.

Never use a word that is on your website as a password, bots will scan your site and try them when they try to crack your password. Simply replacing one or two characters with numbers will merely slow a bot down  a little, especially if you do the obvious (eg password to pa55w0rd). Longer passwords are much more secure against brute force attacks than shorter ones, 9 characters or more is best.

And finally, it shouldn’t be necessary to say this, but I can tell you from experience with clients it is, never use “password” as your password!

3. Keep your password secret and change your password regularly

If you are in any doubt that someone might know your password, change it straight away. When an employee leaves your organisation make sure you reset any passwords they had access to or cancel their named accounts. Even if you parted on good terms, make sure you do this for good measure.

4. Use anti-virus

A virus on your computer can track everything you type and report it back to a hacker. Make sure you don’t get infected by having a good antivirus program installed at all times, and keep it up to date.

5. If you can’t do it well yourself, rely on a professional

While it can be tempting to try to save money by managing the hosting of your website yourself, or managing your own blog or CMS updates, it can often be much more complex than you imagine. Do you take regular backups? Do these include your databases? Do you know where to get updates from for the 20 plugins your CMS has? Do you have the ability to restore your website if something does go wrong?

If you aren’t confident you have the necessary knowledge to keep your website safe, rely on the services of a professional. Your website development company should be able to provide these services to you. This is certainly worth the small extra investment; you’ll wish you did when something goes wrong!

At Adept, we ensure our clients are always up to date with the latest version of the SmartWeb CMS, including all the latest updates and security features. This service is included in our hosting service at no extra cost. We take security seriously, and enforce the use of secure passwords wherever possible, and thoroughly check the work we produce before launch to ensure that as many avenues as possible are covered. For more information on any of these services please contact us on 01603 340 750.