{"id":356,"date":"2018-03-22T10:00:43","date_gmt":"2018-03-22T10:00:43","guid":{"rendered":"https:\/\/yoogozi.com\/?p=8776"},"modified":"2022-09-13T13:48:05","modified_gmt":"2022-09-13T13:48:05","slug":"dave-braun-my-3-important-steps-to-secure-your-website","status":"publish","type":"post","link":"https:\/\/larrybroughton.com\/dave-braun-my-3-important-steps-to-secure-your-website\/","title":{"rendered":"Dave Braun: My 3 Important Steps to Secure Your Website"},"content":{"rendered":"
<\/p>\n
<\/p>\n
I\u2019m sure you\u2019ve heard the many stories of cyber hacking that have occurred in recent months and years, and sadly, that\u2019s the new normal for life in the technology age.<\/p>\n
Nearly every day I come across a new, cleverer attempt to get into someone\u2019s account or take control of their web hosting account. It\u2019s a constant game of cat-and-mouse with those wishing to exploit YOU for their own purposes, whether for money, recognition, or to simply prove to themselves that they can do it. Related:\u00a0<\/strong>Deanna Won: My 3 Lessons in Courageous Decision-Making<\/a><\/p>\n<\/blockquote>\n When we drive our cars, we take several safety precautions each time; some are constant and some are one-time<\/p>\n We do these things because it\u2019s been proven to help keep us as safe as possible.<\/p>\n So with all of the pain, sadness and potential loss of income that can occur when someone hacks your website or steals your personal data, why don\u2019t we put in the effort to avoid these troubles?<\/p>\n It really comes down to believing it only happens to the other guy, and will never happen to us.<\/p>\n But, deep down, you know it can. So why not take a few simple precautions that really don\u2019t take much time or effort?<\/p>\n The best way to accomplish these simple steps is to make them a habit in your online life. (How to form a habit is for another article.)<\/p>\n This means that each and every one of your logins for your own website and hosting accounts, as well as ALL online accounts, is different. For the best protection, you should have unique usernames, but you MUST have unique passwords. And not the most common passwords of \u201cpassword\u201d or \u201c123password\u201d or \u201c12345678\u201d. The main reason is that if someone does get access to your login credentials (and it\u2019s very possible they will), you can limit the damage to just that one account.<\/p>\n Of course, you\u2019ll never remember all those unique usernames and passwords (please don\u2019t write them down somewhere for a cyberpunk to find), so you\u2019ll need some type of password manager to assist. 
You can search online for articles rating them, but most should work just fine. If you\u2019re not familiar with them, the premise is that you have just ONE password that you won\u2019t forget (that\u2019s a little complex), to access an encrypted database that has all your other passwords in it.<\/p>\n I\u2019ve experimented with LastPass and my web coach recommends it, and it is a good solution, but I currently use KeePass and keep my encrypted database synced across multiple devices. I use Dropbox for this, but you can use Google Drive or anything similar.<\/p>\n On Your Website:<\/strong> This means themes, plugins, the core files of the software on which your website is based (such as WordPress). Just about ANY software will have \u201choles\u201d in the security because humans aren\u2019t perfect<\/p>\n You\u2019ll also want to make sure the version of the basic language on which your website is running is, at a minimum, a supported version. For example, WordPress is based on PHP, and the lowest-numbered version that is still supported (bugs and security fixes) is 5.6. Use that one for sure (even better, use 7.0).<\/p>\n On Your Mobile Phone and Tablet:<\/strong><\/em>\u00a0Most updates you get not only have new features but will fix some security issues that can range from REALLY serious to only the most sophisticated hackers being able to take advantage of them. Just read the release notes as any security patch info will be noted at the beginning.<\/p>\n On Your Computer:<\/strong>\u00a0<\/em>Keep the Operating System up-to-date, especially when you get security notices. 
If possible, enable auto-update for these types of fixes as the risk of something breaking is minimal and you\u2019ll keep your vulnerability window as small as possible.<\/p>\n Side Note:<\/strong> For all the above, my normal personal and business practice is to wait to update major releases on my website, phone\/tablet, or computer, for at least one week, and possibly a month or more, so that others can find the bugs in the release and get major ones resolved within that timeframe.<\/p>\n I\u2019d wait even longer to make updates when it\u2019s an almost entire re-write of the software. For example, going from Mac El Capitan to High Sierra is not a security decision UNLESS El Capitan is not supported anymore from a security perspective. Once that happens, you\u2019ve gotta update! For the PC, you\u2019d better not still be running Windows Vista, and really should be on Windows 8 or 10.<\/p>\n Related:\u00a0<\/strong>Bobbie Hurley: My 3 Tips to Rocking First Impressions with Potential Clients<\/a><\/p>\n<\/blockquote>\n I. On Your Computer<\/strong><\/p>\n For a PC, having antivirus software running is a must-have. For Apple computers, you really should, but it\u2019s not quite as necessary. Why? For two reasons:<\/p>\n There are several great free and paid antivirus programs available. Which company has the best one changes over time, so please do a search online and read a recent rating article.<\/p>\n See discussion below on backup solutions.<\/em><\/p>\n II. On your website<\/strong><\/p>\n A.<\/strong> Within WordPress (and likely other Content Management Systems), there are plugins that provide software protection against scammers and nasty folk trying to hack in. For example, this software will detect if someone tries to log in multiple times with the same username in too short a period of time, indicating someone is trying to guess a password. 
Once this is detected, the software will \u201clock out\u201d that username for a specified period of time.<\/p>\n It\u2019s quite possible the server on which your site is running also has protection, but it\u2019s a great idea to include an extra layer.<\/p>\n B.\u00a0<\/strong>Include an SSL certificate. This is a MUST HAVE today as search engines will penalize you for not having one. To know if you have one, you can type in \u201chttps:\/\/\u201d instead of \u201chttp:\/\/\u201d ahead of your website address in the browser address bar. If successful, you\u2019ll see some type of a secure indication as shown in the picture below.<\/p>\n Having the SSL certificate allows any information shared between your website and a potential client browsing your site to be encrypted. This is especially important if you\u2019re exchanging emails, names, or even passwords between your website and the client.<\/p>\n C.\u00a0<\/strong>Backup solutions. You should have multiple backup solutions for everything electronic you have, including your website.<\/p>\n To quickly determine if you have adequate backups, think about if someone took your computer, your phone, or anything electronic you\u2019re using, broke into your house, and stole it; or if you had a fire in your house that burned everything to the ground (including a fireproof safe which can be stolen); or if the company that is backing your stuff up online got hacked and your data disappeared. Thinking about it this way, it\u2019s important to have a local and remote backup.<\/p>\n For my MacBook Pro, I keep important items in Dropbox that\u2019s synced to the cloud, I also use Backblaze for everything else, and then I use Time Machine with a local USB hard drive that I update a couple times a week (and ideally, it should be encrypted).<\/p>\n For your website, it\u2019s a similar consideration; there are local resources and remote resources. Local is the place where your website resides, on a server somewhere. 
And a remote resource might be Amazon S3 backups or equivalent. If you have backups going to both places, and with the right frequency, in case something does happen, your site can get restored.<\/p>\n Oh, and be VERY careful of the language in the terms of service of your hosting provider. Often, they don\u2019t guarantee anything or only keep one or two backups, and those might only be run at their discretion.<\/p>\n I hope this information helps you ensure you\u2019ve got adequate security for your website or at least makes you know enough to ask good questions. Related:\u00a0<\/strong>Bridget Brady: My 3 Ninja Secrets to Make Social Media Less Painful and More Effective<\/a><\/p>\n<\/blockquote>\n Dave is Larry\u2019s partner in FLASHPOINTS and yoogozi.com (type Braun in the search bar to see what else he\u2019s written). He\u2019s a certified John Maxwell speaker\/trainer\/coach, works with a marriage ministry at onefleshawakening.com<\/a>, and does freelance website design, almost always\u00a0in conjunction with Wordflirt.com<\/a>. He previously worked in the corporate world for 30 years as a leader of diverse teams at a semiconductor company. Dave can be reached at dave[at]flashpointsdaily.com and occasionally tweets as @thedavebraun.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":" <\/p>\n I\u2019m sure you\u2019ve heard the many stories of cyber hacking that have occurred in recent months and years, and sadly, that\u2019s the new normal for life in the technology age. Nearly every day I come across a new, cleverer attempt to get into someone\u2019s account or take control of their web hosting account. 
It\u2019s a [\u2026]<\/p>\n The post Dave Braun: My 3 Important Steps to Secure Your Website<\/a> first appeared on Larry Broughton | Yoogozi | Motivation | Inspiration | Leadership<\/a>.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[18,9,19,16,12],"tags":[],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"Daphne Bercilla","author_link":"https:\/\/larrybroughton.com\/author\/daphne-bercilla\/"},"uagb_comment_info":0,"uagb_excerpt":"I\u2019m sure you\u2019ve heard the many stories of cyber hacking that have occurred in recent months and years, and sadly, that\u2019s the new normal for life in the technology age. Nearly every day I come across a new, cleverer attempt to get into someone\u2019s account or take control of their web hosting account. 
It\u2019s a…","_links":{"self":[{"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/posts\/356"}],"collection":[{"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/comments?post=356"}],"version-history":[{"count":3,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/posts\/356\/revisions"}],"predecessor-version":[{"id":375,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/posts\/356\/revisions\/375"}],"wp:attachment":[{"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/media?parent=356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/categories?post=356"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/larrybroughton.com\/wp-json\/wp\/v2\/tags?post=356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n<\/span>
\nSurprisingly, I also hear of stories where an old hacking method still works. Why? Because too many of us don\u2019t take the necessary steps to stay safe in our online world.<\/p>\n\n
\n
3 Steps to secure your website<\/h1>\n
1. Have unique Passwords for everything<\/h2>\n
2. Keep all software patched and up-to-date on all your devices<\/h2>\n
\n
3. Run \u201cSecurity\u201d Software<\/h2>\n
\n
\nRemember, your website is a 24-hour, 7-day-a-week salesperson for your company. Keeping it looking good and up as much as possible is simply smart business.<\/p>\n\n
\n