Archive

How to protect your website from hackers

Either we know it or not, agree to it or not, data breach and hacks is on the increase across the globe. That it has not happened to you does not mean it is not happening and if you have been a victim of data breach and hacks, you will understand the severity better.

Hackers do not only target big businesses, one recent report shows that 43% of data breaches and hacks has been against small businesses. You may be wondering why hackers would want to target your small business.

You’ve worked hard enough to grow your brand (website) and you are still doing, so don’t let someone who wants overnight success frustrate your diligence and commitment to growing your business. Use these few tips to protect your website.

  1. Install Plugins that can help secure your website: More than half of the active websites across the globe is developed with content management software (cms) while the others are developed by writing codes.

The difference between these two will be a topic for another day but what’s important for now is for you to know that you can use some security plugins like bulletproof security, wordfence and many others for your wordpress websites while Amasty, Magefence etc will help to protect your websites built with magento.

For websites built with Joomla, you can use security plugins like jomDefender, RSFirewall and many others to protect your websites from hackers.

Whether you’re running a CMS-managed website or HTML sites, you can also use SiteLock to protect your website. SiteLock does more than simply closing site security loopholes by providing daily monitoring for everything from malware detection to vulnerability identification to active virus scanning and more.

If you run an e-commerce website or your business is dependent on your website, SiteLock is definitely an investment worth considering.

  • Update your website regularly: You need to stay up to date to avoid hacking threats. Using the various available content management systems and plugins are very beneficial but also comes with its own disadvantages.

Because most of these tools are developed as open source software, it makes their codes accessible to hackers. Hence to protect your website from hackers, make sure that your cms, plugins, apps, scripts are updated regularly.

You can always login to your website backend to check if any of the tools you are using is available for update and if yes, do not hesitate to update immediately.

  • Using Secure Socket Layer (SSL): One very major important component of online business is creating a trusted environment where consumers and potential customers feel safe when making purchases.

SSL creates a foundation of trust by establishing a secure connection that assure visitors their connection is secure, with a green padlock and a five letter word (HTTPS) showing beside the domain name on the browser URL bar.

The SSL certificate helps you to secure the information of your customers like their personal data, credit card and contact information between the website and the server.

In July 2018, Google Chrome released a security update that alerts website visitors if your website doesn’t have an SSL certificate installed. Your website visitors will see something like Not Secure when they visit your website.

That makes visitors more likely to bounce, even if your website doesn’t collect sensitive information. Search engines are taking website security more seriously than ever because they want users to have a positive and safe experience when browsing the web.

Taking the commitment to security further, a search engine may rank your website lower in search results if you don’t have an SSL certificate. Which means your competitors will rank higher and better than you on search engines. If you want people to trust your brand, you need to invest in an SSL certificate.

Purchasing an SSL certificate is not expensive but the extra level of encryption it offers to your customers goes a long way to making your website more secure and trustworthy.

You can get your SSL certificate here.

  • Use a strong password: This is not new but yet many website owners prefers to use a password they can easily remember. Your website password should include a mix of special character, letters (uppercase and lowercase), numbers and make it long.

Using numbers like 123456 or ABCDEF is not advisable, using your birthday or your child’s date of birth should be prohibited because hackers (especially if the person knows you already) can easily guess your password and have access to your website.

Make sure to change your website password regularly and if you have other team members who also have their own password access to the same website, make sure that they update their password regularly and they use a strong password too.

  • Frequent Backups: Even with all the above, it does still not mean that hackers cannot gain access to a website nobody is perfect, even though the threats may be limited and your website may not be easily accessible but you still face some risks.

The best way to protect yourself is to have a regular scheduled backups. While data breach may be hurtful no matter what, but having a backup of your website will help relieve you of some stress in the case of data breach.

You can make it a habit to manually backup your website weekly or bi-weekly or if chances are that you may forget or you may be too busy to always manually backup your website, you can invest in automatic backups, it is not expensive.

With automated daily backups, using Hostlag website backup means deleted files are now recoverable, overwritten files are now obtainable, and if a site is hacked, the malware is easily removable.

There are other more advance method of securing your website and protecting it from hackers especially if it’s a web application, but with the above, you are guarantee peace of mind.

About the Author

Ebenezer Dare is the CEO of Hostlag, a web hosting and domain names company that helps businesses and organizations get global relevance via online presence.

You can connect with him on Twitter: @DareEbenezer or Instagram: @ebbydare

How to identify a good web hosting company

Reading through some articles and reviews online recently, I was touched by the experience of some webmasters and business owners when it comes to hosting your websites and web applications online. Many have been disappointed by these web hosting companies by the irregularity of their service.

As a webmaster or business owner, you know that online visibility is key for your business or career if you want to attain global relevance but many at times, entrusting your online presence into the hand of some web hosting companies can deny many the opportunity to achieve set goals because these so called web host are not consistent with their service.

Some of them may just go offline for some days and when you send a mail to their customer support, they’ll tag the issue to server maintenance and that’s even if at all they’ll respond.

Hence, before you entrust your websites or web applications to any web host, what are the features that you must consider;

1. Speed

We all know the importance of website speed. And speed all begins with a fast web host. A web host should respond within 200ms (according to Google), so look for a host that responds quickly in your location and around the world.

2. Uptime

Uptime is a measure of reliability. In other words, it’s the percentage of time your website is online. Even an uptime of 98% can mean your site is down for six days within the year. Look for an uptime of 99.8% or higher.

3. Security

There’s nothing worse than getting hacked. What would you do if you lost all your content and hard work? That’s why web host security is so important. A good host should have automatic updates and malware scanning. Some even come with a free SSL (security) certificate.

4. Backups

As an extra security and practical feature, many hosts now come with regular automatic backups.

5. Customer service

Ideally, your web host should have 24/7/365 customer service. Most hosts now have customer service options including phone, ticket systems and online chat. Note that some hosts charge extra for a premium support service.

6. Storage and bandwidth

‘Storage’ refers to how much content, images and data you can store on the host’s servers. And ‘bandwidth’ is how much data can flow through from the server. This has an impact on speed and visitor numbers. Naturally, we want the highest storage and bandwidth within reason.

7. Price

Don’t always settle for the cheapest webhost. It can end up causing you issues with speed and reliability. It may even hold you back if your website starts to grow. At the same time, you don’t need to spend a fortune! Look for an affordable host with all the features you need.

This is why at Hostlag we prioritize these features above and give our customers a lasting and exciting experience, we know how painful it can be when you don’t have access to your business online for days, we have always been and will continue to put measures in place to make sure that our customers are satisfied with our service.

Hostlag is a web hosting and domain name registration company that help gives businesses and individuals global relevance via online presence.

Think web hosting, think Hostlag.

How to avoid your emails going to spam

Have you ever had one of your emails marked as spam? According to statistics, 80% of all sent emails are spam. As a result, spam filters are becoming stricter and even legitimate emails can end up in spam. There are some steps you can take to ensure that all your emails are being delivered into the inbox. But firstly, let’s discuss what the spam filter is and how it works.

What is a spam filter?

Even 5 years ago, the idea of the spam filter was something new and its work wasn’t checked enough. The spam filter is like a searching system, that scans the emails. If some suspicious material is found, the email ends up in junk.

How does the spam filter work?

The information that the filter looks for can be divided into three categories:

Where the message came from:

Anti-spam organizations have created special network lists, which are called RBLs . Spam filter checks such lists for the IP, that the message was sent from. If the IP address matches one on the list, the spam score of the message increases.

Who sent the message

Using email headers spam filters check if the email was sent by a spam engine or by a real sender. Every email has an unique ID, but when the spammers send mass emails, they all have the same ID.

What the message looks like

Spam filter analyzes the body and the subject of the email. Strings, which can be identified as spam are ‘viagra’, ‘buy now’, ‘lowest prices’, ‘click here’, etc. Also, it looks for flashy HTML such as large fonts, blinking text, bright colors and so on. A lot of spam filters compare the whole text to the amount of suspicious words. So, for example, if your email is long, it will not be identified as spam because of a few suspicious words.

There are several things you can do to improve your email delivery:

  • Don’t use false or misleading header information
  • The email should be identified as an ad if that is what you are sending
  • The recipients should have information about your location
  • Include unsubscribe link
  • Do not use too many special symbols, especially at the beginning or in the end of the sentence
  • Check the formatting. If it is possible, avoid different colors of the fonts
  • Do not use shortened URLs. Those are often used by spammers to hide their real URLs
  • Add text version of an email. When you send HTML emails, include a text version of the email
  • Test email with spam checkers like https://www.mail-tester.com/ where you will send your email to the specified address and then check your score
  • Check your IP and domain in blacklists. If your IP or domain is blacklisted you should whitelist it or contact your email service provider before sending emails.
  • Be careful with the images. It is recommended not to send emails with images only. Make sure you have no less than two strings of the text to every image and your images are optimized
  • Avoid some types of attachments like .exe, .zip, .swf. It is okay to use .jpg, .gif, .png and .pdf
  • Do not purchase email lists. It is common practice to purchase lists of potential clients. However, a lot of email addresses in such lists are not correct and your IP/domain can get blacklisted for mass mailing very fast. It is better to send individual emails to real people
  • Check how your your emails are delivered. You can create different email accounts with popular email providers like Google, Yahoo and so on and send test emails to them
  • Send the emails to your clients on a regular basis and instruct your recipients on how to white-list your email address.
× How can we help you?