You may have a friend or relative offering to create your website for you. They may be very enthusiastic and so eager they will even do it for free. If they are an expert and experienced web developer then you’d be wise to accept their offer. However, building in security measures to your new online business should not be taken lightly. It may look fabulous on the front end, a great user experience, beautiful graphics, photographs and an elegant shopping cart. But more imortantly, does the back end also look fabulous to an opportunistic hacker?
Website security is relative to the service or product that your business provides, with two main areas to consider. One public area (often refered to as front end) and one internal area (admin or back end). Your security is relatively high if:
- you have few or no network resources of financial value
- the company and website aren’t controversial in any way
- your network is set up with strict, solid permissions
- your web server is continually patched and kept up-to-date
- applications on your web server are all patched and updated
- your website code uses strict standards with any redundant or unsupported software removed permanently from your server
- all of your passwords are unique, long, and contain no words that would appear in any dictionary (in any language)
- in addition, the passwords do not contain dates or initials, are alphanumerical, with upper and lower case letters, and contain symbols
- all user names are created using the same method as your passwords are created
- you never access (use) your backend on public accessible computers
- you use an SSL certificate server, to ensure encryption of data transfer such as sending online forms and emails
The importance of having your website secure
Be sure that the website designer you choose to build and/or host your website holds the security of your website in high regard. Your security should be their top priority. Even when using a secure website platform, the backend configuration of your website can play a key role in the security of your website. A poor backend configuration can lead to security breaches.
Therefore find an expert when it comes to security and make sure your website is secure as possible.
I use a two pronged approach to WordPress and Joomla! in all my website’s security. Securing against attacks and putting in safeguards in addition to adding a SSL certificate. Besides encrypting the connection between your website and visitor, SSL also makes your website good for Google ranking.
Should you be worried about the security of your website?
Poorly written software creates security issues. Your website security will be tested If you have important assets or perhaps anything that puts you in the public spotlight. We have all seen even the biggest of companies hitting the headlines with loss of data, or worse. All complex programs can have, at the very least, a weakness point. Unknown until someone finds it. On top of that, web servers and websites are inherently complex programs.
Finally, your site visitors also face potential web security issues. A common website attack involves the silent and concealed installation of code that will exploit the visitors’ browsers. Therefore the end target of these attacks is not your site. Many owners are unaware they have compromised sites. Hence their own visitors are at risk by effectively aiding these breaches of website security.