Website Security

Today’s internet can be a hostile environment. Bad bots and evil perpetrators abound. While government sites (with experts working to protect them) are hacked regularly, we know that no site is completely impervious.monitor with cyber criminal eyes

There are several prudent steps to take regarding your website security.

The host providing your server space needs to implement best practices. That is one of the reasons I use SiteGround.

Your site also needs to have good inbuilt protection for its files. I implement a combination of plugins and server level protection by writing .htaccess files. As the name suggests (hypertext access) this is a fast and strong method of controlling access to your files.

Keeping good backups is one of the most important things done in running a website. If something goes wrong, this will help save the day. A variety of methods are available for this depending on your requirements.

chain and lock above worldBackups can be created onsite, and then sent offsite for storage, or there are companies which provide an entirely offsite service, and can be very good. They place very little load on your website resources.

Very good free backup plugins are available, and if you have the necessary knowledge, are adequate to restore a site from a backup. Generally, free plugins do not implement restoration, rather a premium version is required.

I offer maintenance and backup packages as an after site build service.

Today there is really no reason for any site not to use TLS.

Once, just about the only sites using SSL (Secure Sockets Layer) were banks and e-commerce sites. SSL has been superceded by TLS (Transport Layer Security), with both often referred to as SSL. They are used to encrypt the connection for data sent over the internet.

When a site has TLS implemented, the link to the site in the browser address has a green padlock icon, and is preceded by https (hypertext transfer protocol secure) (Hypertext, very simply put, is structured text which contains links to other text).

https ensures the authentication of the visited website with protection, privacy and integrity of exchanged data.

https ensures the authentication of the visited website with protection, privacy and integrity of exchanged data.

There are several advantages, including secure use of passwords across the internet.

Google uses it as a ranking signal when assessing your sites placement in its search listing.

https enables the use of http/2, a new protocol which can greatly improve your site performance.

A problem with enabling TLS for your site used to be cost. Today, free authentic certificates are available from Lets Encrypt, and are suitable for many websites.  I implement TLS on all sites built.

Easily found websites: good SEO

SEO stands for Search Engine Optimization. There are so many websites it is easy to be never found. Search engines use algorithms to assess and rank your site, placing sites that rank well at the top of search lists.

There are companies who specialize in this field. They can be expensive, and in the past some employed ‘black hat’ measures, which in the end cost their clients dearly. The search engines constantly modify their algorithms and penalize those it catches out.

Fortunately there are some basic things which are easily implemented, and the key is having good, fresh, relevant, usable content on your site.

WordPress lends itself to creating well structured content.

Your site content needs to be well structured. Your readers & search engines will appreciate it.

WordPress lends itself to creating well structured content. It also has good plugins (software that integrates with WordPress) to help with the technical side of SEO.

If required, I install these on your site, and have support packages which offer guidelines for good content creation.

The need for speed

Page loading time is an important part of a website’s user experience, and plays a significant part in search engine rankings.

The starting point is the equipment your web host provides. Large sites run on dedicated servers, which can be very fast. Many (most?) sites run on shared hosting, and dearer plans should provide more resources per site.

Caching can be thought of as the temporary storage of compressed web pages for fast delivery.

red racing car at start lights

Some hosts provide shared hosting plans with inbuilt server caching generally only found on dedicated server plans.  This is one of the main reasons I recommend Siteground.

In an earlier post I referred to the use of plugins and themes. Choosing well coded plugins & themes not only improves site speed, but is crucial to guard against various attacks.

As part of the workflow in building a website, I ensure all the files (stylesheets and javascript etc.) used by the site are minified and gzipped to improve page load speed, as well as other methods from Google’s Webmaster Tools.

Images are an important part of nearly all websites. Images with a large file size will drag most sites to a crawl. I provide advice and links to tools to ensure images used are optimized for the web as part of handing over your site.

WordPress, as part of its core functions, sends correctly sized (width & pixel density from your optimized image) images to match screen sizes, so people using small (phone) screens are not downloading images for wide screens.

Tools for a well equipped website

I recommend using a CDN (Content Delivery Network) (read about what a CDN does) such as Cloudflare. Their free plan is adequate for many sites, and has speed and security benefits. If required I set this up as part of building your site.

spanner holding bolt head

No, not that type of tool, but it is the right tool for the job

WordPress provides thousands of plugins, (software that plugs into WordPress) both free and paid. These provide a wide choice of tools to improve you site. Just which ones you choose will be guided by your requirements. I can help choosing the right tools for the job.

Earlier in the post, I spoke about caching. If your host or plan does not provide server caching, there are very good caching plugins.

You may require a good gallery plugin and a light-box to display images, or perhaps a slider would be better.

Perhaps you want a membership site with a private area or an e-commerce store? Need you site to send and receive email & newsletters well?

There are plugins for that, and almost any task you can think of. The trick can be knowing which ones to choose, and how to leverage the best to your advantage.

Part of my job in building your site is to pick and use the best available based on my experience. If required, I can build, or have plugins built specifically for your particular needs.

Sound secure websites don’t happen by accident, get in touch to get yours started, or browse more information

Related Posts

Category:
website requirements
Tags:
, , , ,

Leave a Comment:

Your email address will not be published. Required fields are marked *


Top