If your website gets hacked, you could also face data loss, business downtime and the embarrassment of having to tell your customers that their sensitive personal information – which they entrusted to your care – has been stolen.
If your website has been developed on the WordPress platform, you do benefit from the good security of WordPress core software. However, you still need to follow key security practices to stay a step ahead of sophisticated cyber criminals who could be targeting your organisation, your customers or your business partners through your website.
This involves regularly updating your WordPress core, plugins and themes – which is something that Kri8it can assist you with on a regular basis.
Over and above this, in order to fully protect the security and stability of your WordPress site, we recommend the following:
Use strong passwords
Malicious actors often steal user names and passwords to gain access to business systems and data. It’s critical to use strong passwords for your website, FTP accounts, databases and email accounts.
Strong passwords are typically long, use both letters and numbers, contain both upper case and lower-case characters, and are unusual (opt for a string of random words rather than a commonly used phrase).
It’s also important not to re-use your passwords across several accounts. If one is hacked, all will be vulnerable. If you’re struggling, ask us to recommend a good password management tool for you.
Add a security question
Building an extra security question into your WordPress site’s login screen provides you with the peace of mind that you have an additional password – and thus an extra layer of security. If you’re not sure how to do this, Kri8it can help.
Limit access to your WordPress admin account
Carefully monitor and control access to your WordPress admin account. Firstly, only give access when it’s really necessary. Secondly, set up roles-based user permissions to limit people’s actions on the site. You can get even more sophisticated using code or plugins – ask us for assistance with this if you need it.
Use a reputable host
You should definitely choose a reliable web hosting company that is security focused and has a clearly defined cyber risk management policy.
Back up your site regularly
As a “Plan B”, it’s advisable to keep an off-site backup of your website. This way, if your site is ever compromised, you can quickly restore it. There are plenty of tools that can help with this – simply ask Kri8it for a list – or to manage this on your behalf.
We’re here to help
kri8it has enjoyed offering our clients the benefit of hassle-free and secure hosting on our range of dedicated servers with Hetzner for over 15 years. While Hetzner remains a valued partner in our business, cyber threats are growing more sophisticated and complex. We have therefore implemented a compulsory security package across all WordPress sites hosted on our servers, ensuring increased security measures and implementing platform updates across the board. We use the latest technologies to protect you as far as possible against any potential attacks, going beyond the free security measure available from Hetzner and WordPress.
There may be a requirement to update your WordPress plugins, themes and so forth (as mentioned), from time to time to prevent any compatibility issues that could cause interruptions or affect site functionality. We will take care of this for you with minimal disruption to your business.