Online security breaches make the headlines all too often these days. This makes consumers wary of websites or applications that don’t offer the utmost security. Because gaining and keeping your client’s trust is an important key to doing business on the internet you must maintain a secure user experience at all times. If you’re wondering how you can do this keep reading for six free tips to improve your website security.
Qualys Freescan offers a free account where you can scan your network, servers, desktops or web apps to test for security risks. No need to download software, you can scan it right from your browser, and it will let you know when it detects a vulnerability and offers guidance on what kind of patch will fix the problem. It’s limited to 10 unique scans.
Securing an SSL certificate for your website is not only a must if you’re going to collect your visitors’ private data such as names, email address, personal numbers and so on but it’s rapidly becoming a factor in Google rankings. Google is tagging websites that don’t have SSL certificates with the all too obvious title: “Not Secure.” Fortunately, you can get a free SSL certificate at Let’sEncrypt that will allow your domain to use the desired “https” rather than just “http.”
Cloudflare or Cloudbric
Your website is at constant risk from thieves looking to hack it and steal data or to cripple your site and potentially hold it for ransom. A Web Application Firewall (WAF) scans your website for suspicious activity and can block actions like cross-site scripting attacks and SQL injections. Both Cloudflare and Cloudbric offer free WAF. Either one is easy to set up and doesn’t require changes to your website code.
Sucuri Malware Scanner
Did you realize your website could have malware lurking in the background that you don’t know about? You could also have website errors, out of date software and even be blacklisted on search engines and not realize it. However, Sucuri offers a free scanner where all you do is enter your domain, and it will alert you to any hidden problems.
Backup on your website is one of those things you know you should do, and you keep meaning to get around to it, but it constantly falls to the bottom of the todo list. But then something happens to your website, and all of your hard work is gone because you never got around to backing it up. However, it’s likely that your web hosting service offers free backup and all you have to do is ask. Now you really don’t have an excuse!
Standard Security Precautions
There are several things you can do right now to beef up security for your website. For instance, get in the habit of changing your website administration and FTP passwords regularly and use unique passwords. When hackers infiltrate a third-party site (where you’re using the same password) thieves could find your password on the list.
You can use the standard FTP to transfer files from your computer to a server easily enough, however, to provide a more secure upload process that would also protect your username and password, for instance, you would want to use FTPS which uses SSL/TLS encryption. But then some prefer SFTP which also allows you to transfer files securely but by using Secure Shell protocol instead. Either way, it’s safer to stop using FTP today.
You should close unnecessary ports such as SSH and RDP. The New Jersey Cybersecurity & Communications Integration Cell found that businesses that have open RDP and SSH ports are highly vulnerable to data theft or ransomeware infections. Hackers are using a website called Shodan to locate systems with these vulnerabilities and attempt to infiltrate them.
If you would like to know more about how you can keep your web applications safe don’t hesitate to contact us today. We’ve been providing enterprise-level Cloud, Hosting & IT infrastructure solutions and managed services for a decade. Using our key principles of Knowledge, Experience and Focus we’re ready to match unique solutions to your business.