How to protect your website against Cybercrime

Security is a major reason why your CMS (Content Management System) should stay up to date. According to web technology surveys, 75% of websites use popular content management systems such as WordPress, Drupal and Joomla. These platforms are open-source and publicly available, making them more vulnerable as they can be updated by a large community of users.
On average, 30,000 Website are hacked every day. Cyber criminals use highly effective computer software programs to automatically detect vulnerable sites. If your site has been hacked, this is what you’ll see:

  • It will instantly fail to function with a message informing you that your website has been hacked
  • It may re-direct to some offensive content
  • Parts of your site may be missing or not function properly
  • On a rare occasion, the attack may consist of malicious code that affects your search engine rankings as the content could be interpreted as spam and result in your website being de-listed.

What security measures can I put in place to protect my website from being hacked?

Keep your software up to date

With the fast pace at which tech evolves, it’s important that you update your CMS to access the latest features available to your platform. These could offer an improved UX (User Experience), positively impacting on SEO (Search Engine Optimisation)and simplify your role as a content producer. With every new update, your developer will fix bugs and attempt to improve the performance of your CMS in terms of speed and efficiency.

Change the default CMS settings

The most common attacks on websites are automated and many rely on the default settings used. This means you can avoid a large number of attacks by simply changing the default settings when installing your CMS of choice. Some CMS settings are writeable by the user – allowing a user to install whatever extensions they want. There are settings you may want to adjust to control comments, users and the visibility of your user information. It’s usually easiest to change these default settings when installing your CMS.

Be smart about selecting new plugins and add-ons

There are a multitude of plugins and add-ons which provide virtually any functionality you can imagine. How do you know which one to install? First, look at when the extension was last updated. If more than a year ago, there’s cause for concern that the author has stopped working on it.
Rather use plugins or add-ons that are actively being developed as this indicates that the author would at least be willing to implement a fix if any security issues are reported. If an extension is not supported by the author, then it makes no sense to use it for your site as it may stop working at any time. It’s important that you download your extensions and themes from legitimate resources.

Be sensible about user access

This only applies to sites that have multiple logins. It’s important that every user has the appropriate permission they require to do their job. If a user requires escalated permissions at a moment’s notice then grant it, but reduce their permission level after they’ve completed the job.