Hosting and Security – how we keep your site secure
Site security is important. Every day we hear about websites that have been hacked, locking out business owners and admins and exposing your data to those who may use it maliciously.
Let’s get real about website security. Every business is vulnerable to attack, and we’ve seen some pretty big players have data exposed in the past few years. We’re not saying this to scare you; we say this to inform you that we, as your hosting provider, do a number of things to secure your site against attacks. Many things that other providers do not do or include in their hosting inclusions. One thing we do regularly is update plugins on your sites. We do this to ensure the security of your site and also our server. A secure server is important to all sites on that server. Unlike other hosts, we do not offer a ‘cheap’ and ‘insecure’ hosting package. We feel that such practices are irresponsible to you and your business.
Plugins that are not updated regularly open up your site to attacks, as their vulnerabilities can be exposed and be taken advantage of. When we update plugins, we also check for issues and conflicts. This is just one part of our security protocol for the websites we host and is included by default. Depending on your hosting package we may do this weekly or monthly.
One of the most important things you can do to improve the security of your site is to ensure your login is secure. What does this mean?
Have a secure password
Your password should be unique. The best password is not always what you think it may be. Some people think the best password is using one word and have numbers replace letters. eg Magnolia would be Magn0L1a. This is a highly insecure option as robots that break passwords know to switch out letters for numbers on dictionary words. A more secure option is to develop a phrase that makes sense to you and uses many words that aren’t commonly used. eg. pinkblobsonthewall glasshummingbird
These two examples will take 23 million years and 34 thousand years respectively to crack. Use this handy tool to check if your chosen password is sufficient https://www.security.org/how-secure-is-my-password/
Alternatively if you are a google user and have secure protocols, ie.not using an insecure password and have security checks in place, then using ‘strong password’ suggestions from google, that are then saved and easily accessible by you, is considered a safe option.
Don’t share your password
This should go without saying but many people do share their passwords. If you find you have shared your login for business reasons, have a policy of changing your password from time to time in case that password is hacked and shared around.
