How To Make My Website Secure: Q&A Series #8
Our newest Q&A session is dedicated to the issue of online store security: read all about the technical aspects of keeping your website safe and, of course, answering the most common question – how to make my website secure?
Taking care of your personal belongings is #1 priority.
And your dropshipping store is not simply a website you own – it’s not less than your personal achievement, your source of income, and, most importantly, your key to building a better future for yourself and your family.
How to make sure that this valuable asset won’t fall into the wrong hands?
Let’s figure it out!
How to make my website secure: common ways for website hacking
How to secure a website?
First and foremost, let’s look at the most common ways for a website hacking. While there is no sure way to know when the hacking happens, if it does, you will no doubt know that something is wrong. Nevertheless, here is what you need to be aware of:
The hacker will threaten to publish your data and/or withhold access to your site unless you pay a ransom sum.
You’ll spot loads of auto-created pages filled with keywords and gibberish, with the aim of getting them to rank on Google for key terms. When clicked on, they’ll redirect to a dodgy site.
Cloaked keywords hack
As above, but slightly more sophisticated – at first glance, these will look like your site’s pages, with altered written content.
Japanese keywords hack.
Creates random pages in Japanese full of affiliate links to stores selling fake merchandise.
If malicious code or a virus is inserted into your site, your site may well go down, or you could be unable to access it. Moreover, it may as well affect all your hardware.
Denial of Service (DoS)
Hackers use bots to overload a website with requests and crash the server it’s on.
Scammers contact your clients pretending to be part of your business and using your branding in the hope of finding personal information.
1. What could be the most likely threats to MY store?
From the technical point of view, there are 3 basic threats that are important to consider:
- Website platform or plugins malfunction
If you haven’t updated your CMS platform for a long time, or if you have installed some pieces of additional software (themes, plugins, add-ons, etc.) from an unreliable source, you are basically putting your store at risk.
- Password hack
If you have a ‘weak’ password or if you keep it written in an easily available place, it won’t be difficult for hackers to steal your store data, as well as your money…and your business reputation.
If there is no trustworthy antivirus software installed on the device you use to run your store, or if you use an outdated browser version, the device (and the store) gets especially vulnerable.
2. How to make my website secure if it’s not ready yet? What can I do on the store development stage?
While your store is just being developed, you can do the majority of the steps necessary to ensure its safety:
- Consider which devices you’ll use to run your store. Contemporary automated solutions make it possible for you to access the store with the help of personal computers, laptops, tablets and smartphones. It gives you more freedom, and at the same time, more responsibilities. You need to check the browser versions on EVERY device and make sure you’re using the latest browser version.
- The same is fair for antivirus programs: check if you have them installed on EVERY device you’ll be using for your dropshipping business, and update them to the latest version if necessary.
- Create a strong password for your hosting account and for your website admin panel. Ideally, these passwords should contain at least 8 characters each, and it’s a great idea to include numbers and uppercase letters in them. The general rule is: the more complicated is the password, the harder it will be for a hacker to get an illegal access to your website.
- Pay a special attention to the place where you are storing all your valuable passwords. It’s not a good idea to use any kind of online storage for this purpose.
- Make sure that you’ve used the latest version of a CMS platform as the basis for your online store. Check its official website to learn more about the newest updates and most relevant proven versions.
- Do your best to only install plugins, themes and add-ons that are officially recommended by the CMS platform developers. Be really careful about so-called nulled plugins that are distributed for free – they are very likely to contain viruses and hurt your webstore.
3. How to make my website secure if the store is already running?
First, make sure you’ve taken all the steps described above.
Then, do the following:
- Follow the updates as soon as you learn about the newest ones. It’s vital for everything you use: the CMS platform, themes and plugins, antivirus software and browser versions. If you keep all of them up-to-date, it’s much harder for hackers and viruses to do harm to your store and you.
- Change login and password from time to time to prevent any unpleasant surprises. Make sure to always use an actually working email address – this way, you’ll be able to restore the login details in case you lose or forget them.
- Create backup copies of your webstore regularly – if something goes wrong, you won’t have to destroy the store and start all over again, you’ll simply have to go back to the latest saved version.
4. I’m worried and I don’t think it’s enough. Can I do something else?
If you think you need to do more to protect your website, our developers can recommend one of the following safety plugins for WordPress:
Simply speaking, these free plugins limit the number of login attempts when somebody tries guessing your login details and enter the admin panel, and they also alert you if there’s a security threat.
5. There’s a virus! Or a hacker attack. Or a dangerous software, I don’t know what’s it exactly! What should I do?
Stay calm! It’s gonna be fine, just follow these simple steps:
- Scan your device for viruses and delete all the suspicious things your antivirus finds
- Change the password to your hosting account, and the webstore login details
- Try to remember if you’ve installed any pieces of software recently, and delete all the questionable elements
- Update your CMS, all the trustworthy plugins and extensions to the latest version available
- Restore your webstore using the most recent backup copy you have
- If your store is built with the help of AliDropship solutions, don’t hesitate to contact our support team! The best option is to send an email to firstname.lastname@example.org address – this way, you’ll be able to describe the problem in detail, tell about your actions, and attach screenshots if necessary.
Follow these simple rules and safely enjoy your thriving business!