Highlights

News, Tweets & Thoughts
Blog / News

Top tips for Security and Data Privacy

Install WordFence and WP Remote for WordPress

WordFence is constantly updated to block security attacks protecting against latest threats. That said, avoid using plugins where possible. Too many plugins = more chance of being hacked from unsupported older versions. Updating makes you less vulnerable to attacks; use WP remote to show the updates needed across your WP sites.

Backup and store information safely

Backup your sites database regularly, to help speed up any repairs, should your site data get lost from attacks or changes. Check with your server provider who might automatically backup databases.

Remember! Remove any backups or sql files from your sites root directory to avoid database hacks.

Secure Passwords (obviously)

Many logins now have strength indicators so you must have a medium strength password. To be ultra secure, never allow browsers to remember passwords. Have a list kept safe somewhere else. The handy 1Password app stores all password and has a single login to access them. If you do allow chrome to remember passwords, definitely have 2-step verification turned on for your Google Account.

Use Authentication Layers

Use Open Authentication and 2-step verification where possible.
This uses codes sent to your phone/email/other to verify your identity.

Login twice.
Complete another login form before accessing the main login to your site.

Blacklist everyone’s IP.
Except for your own of course! This means only whitelisted IPs have FTP access.

Only Humans Allowed!

These handy tricks will keep pesky bots at bay:

Honey pots and traps
Use a form field only a bot sees. If it’s filled in on submit, we know it’s not human. You can also change the login url path and block any IP trying to access the original.

Captchas
Prove you’re human by typing a word or number from an image. However captchas are becoming more user friendly like Google’s ‘I’m not a robot’ checkbox

Robots.txt file
Stops bots like google from accessing parts in your website that it doesn’t need to e.g. wp-admin

Is your site as secure as possible? Contact us here immediately if not

 

Image sourced from here

more highlights talk to us

Posted by on 28. Jan 2016