What is the most important aspect to a website? What a great question.
Some will say SEO. Others will say the theme. Some will say the content on the site itself.
However, one area that can never be overlooked is the site’s security.
Over the years, I have had to learn the hard way just how important security is – to the point that it would have been cheaper just paying for a premium service every year than the downtime my site’s experienced.
With this in mind, here are three ‘to-dos’ you should be doing to keep your sites as secure as possible.
Protect against DDOS
DDOS stands for Distributed Denial-Of-Service. It describes when there are many requests sent to a server, in an attempt to overload the server and cause it to crash.
If you do not protect against DDOS, it is very likely your server will overload and crash, causing a loss of user experience for web users, and potentially even losing and corrupting data.
To get around this, use a service, such as Cloudflare, Sucuri, etc. to make sure they stop DDOS from occurring.
If you want to make sure your site is secure, this is, by far, the best thing you can do.
Manage your Plugins
By far the most common reason there are breaches in websites is due to the plugins. This is generally because:
- Developers do not think about ‘back doors’ they sometimes leave them open in plugins.
- When things are not updated by you, there is a risk there is a security flaw with the outdated plugin
With this in mind, try to keep the number of plugins you use to a minimum. This will also help prevent conflicts between plugins, which can cause websites to go down too.
As well as this, keep your plugins up to date. Many a time plugins are updated simply to patch security flaws. It is also worth having a separate server with a staging site, so you can update plugins, check your site runs well on the other server, before updating them onto the live server.
Mitigate Through Backups, Both Online and Offline
If your site does get hacked/goes down, what do you do? There is always a possibility that sites can go down, and it is quite scary when they do (SEO implications, bad UX, and so on).
If you want to be extra safe, a good idea is to clone your website onto an entirely isolated server, once a week. You can set this up to happen automatically, and allows you to have peace of mind. This is because, if your live website goes down on one server, you have at least another server with your website on that you can redirect your IP addresses to so that in the short term, your website is not completely down (whilst your main server is fixed).