5 Tips for Securing Your Website

Website security has become increasingly important over the last few years as more and more malware, phishing, and spyware have led to identity theft and loss of personal information for internet users. According to a recent study, over 143 million Americans were targeted through online hacking and scams last year alone. This means online users are becoming increasingly aware of the dangers of submitting information through unsecured sites and forms.

The integrity of your site’s security features is of utmost importance to us at Mainspring Technology. In this article we are going to look at five steps to strengthen your website’s security and promote a safe environment for your online visitors.

1.      Stay on top of website security updates

A vast majority of websites these days are created using Content Management Systems (CMS) like WordPress, Joomla, Drupal, Squarespace, Magento, etc. Developers periodically release updates to the platforms and various plugins in order to fix bugs and troubleshoot loopholes that hackers use to access your site. By updating to the newest versions, you’re helping your site stay ahead of hackers.

Check and see what type of security features or plugins are available for your platform and start protecting your site from malware, spyware, viruses and other attacks. Even if you have never had this kind of problem with your site before, the proper precautions will help ensure that you never will.

2.      Backup your website

Frequent website backups are essential to any online business. If something goes wrong with your site, such as a failed plugin update or accidental deletion of a file or page element, the site backup ensures you have a stable version to revert to quickly. This minimizes your site’s downtime while you work to correct the issues on the backend.

Many CMS platforms have features or plugins that allow automatic backups of your site files and databases. Some hosting providers also provide automatic backups to ensure easy recovery of your site if something happens. If your hosting provider doesn’t supply this feature, check to see if any plugins are available for your CMS. Otherwise you can also manually download your site’s files from the server using a free ftp client like FileZilla. Also, be sure to back up your databases periodically.

3.      Install a security certificate

Secure Socket Layer (SSL) certificates are essential to any online business. They create a secure connection between your website visitor’s web browser and the server on which your website’s files are stored. If a visitor submits information, such as a credit card payment or email message, over an unsecured connection, that information can be viewed by a third party. This can mean identity theft, misuse of your customer’s credit card information, etc. An SSL certificate actually encrypts the connection so that information submitted is secure and not accessible to a third party.

SSL certificates create the https connection with the green bar that shows up in a web browser. Most customers will not purchase anything from a website that does not have this protection. The green padlock lets someone know their information is secure and won’t be accessed by someone who shouldn’t have it. These certificates not only protect your site, they also assure customers that your company has been verified and that they are safe to go ahead and make a purchase, leading to more customer conversions.

4.      Utilize 2-factor authentication

Hackers use a variety of ways to try and figure out your password and access your online accounts. The 2-facto authentication (2FA) method was developed as an additional layer of protection against fraudulent logins and account access. Even if a hacker has your username and password, with the 2FA feature, they must also have either your phone or email access in order to verify that they are you.

If you have ever visited a website that did not recognize the device you were trying to login with, you’ve probably experienced the 2FA feature. It will ask whether you would like an access code sent to your phone or email address. Once you’ve verified through your phone or email, along with inputting your password, you are finally granted access to the account. This ensures that even though a hacker has your password, they will not be able to login without access to your phone or email.

5.      Rename your admin login page

Some CMS platforms are fairly predictable for hackers. For example, WordPress automatically places your admin login page at example.com/wp-login. Hackers will automatically try to access this URL for your site. To make it difficult for them to find access, use a plugin or other setting to move your admin page to another location. Instead of the predictable default, create a hard-to-guess URL, like example.com/Hard-to-Guess-name. Like a strong password, well-hidden forms and folders make it harder for someone to hack your site.

Every part of your website’s security is important, and failing in one area puts the whole site at risk, and potentially your database full of customer information. Take every precaution to prevent break-ins by keeping your site up-to-date, protected with SSL, backed up, and difficult for anyone else to access. The integrity of your site is essential to online business.

We hope that the information above will help provide some more tools you can use to keep your website safe and secure. Of course, Mainspring Technology can provide these services for you so you don’t have to worry about it. Contact us today to find out more!

Web Solutions for Today’s Mobile Audience

More and more people are doing business, shopping, finding entertainment, and communicating with the world directly from their phones and tablets. Mobile devices and their users present a range of challenges to web developers who must meet the growing demands of technology with accessible, responsive platforms. This means that it’s crucial for designers to create websites that not only look good and are easy to use but that also can adapt to fit the range of devices being used.

Let’s take a look at some of the unique challenges and considerations for developers of mobile sites.

Responsive Web Design

Due to the increasing range of sizes and types of devices being used to access the Internet, it’s important that your website is equipped with the ability to adapt to the screen size of different devices. Whether your site is viewed on a 4” cell phone or 15” laptop, the design should flow nicely and provide your visitors with optimized accessibility and navigation for each of those screen sizes. Columns will rearrange for best layout, buttons will resize, and images will shrink or expand to fit the specified areas.

Why is that important? Because it prevents the frustration that occurs when a visitor must scroll across their phone’s screen with their fingers in order to view the content that was only designed to be viewed on a laptop size screen. The better the experience someone has with your site, the more likely they are to come back to it and to use it for the purpose you intend, whether to purchase products, view content, or learn about a topic.

Quick Load Time

According to Google’s statistics, 53% of visitors abandon a site after waiting three seconds for content to load. Many sites that are designed primarily to be viewed on desktops and laptop computers can load painfully slow on mobile devices and actually time out. Most of us have had the experience of trying to view a web page, only to be met with a spinning wheel or blank page while elements attempt to load over a slow internet connection. Proper set up of your site will include image and content optimization, caching, and scripting that provide a speedy delivery to your visitors.

Search Engine Optimized

No matter how beautiful or responsive your site is, it’s not much use if no one can find it. Search engine optimization refers to the practice of using specific strategies that help search engines like Google, Yahoo and Bing find and rank your site in searches. Some of these strategies include the use of keywords in meta descriptions and other elements that tell the search engines what your page is about. Ideally, you will have no less than 300 words on each of your pages to ensure that Google understands your page’s content and also to keep your readers engaged on the page as long as possible.

User Experience and Design

No one likes a cluttered site with confusing color schemes, hard-to-read fonts, and pages that don’t lead them to the information they’re looking for. Your site should be not only quick to load and easy to find through search engines, but should be easy to use. Difficult sites discourage users from completing the action intended for them. No one will want to complete a purchase on an e-commerce site if they can’t find the checkout button or can’t figure out drop down menus to choose features for the product. It should be simple and directed towards the end goal. Along with the responsive styles and quick load speed, the site should be easy to navigate and well-directed.

SSL Security for Customer Confidence

SSL certificates are no longer optional for sites. They not only provide an extra layer of security against online hackers, but they also give customers the confidence to trust your site with their credit card information. Secure Socket Layers also are more and more encouraged by Google, which tries to promote a secure online world. In order to get more people to start using them with their sites, they’ve said they will actually rank SSL-encrypted sites a bit higher than similar sites without SSL. It’s something to consider, even for a non-ecommerce site.

Connected and Shareable

If you utilize social media platforms for your business, and you should, be sure to include links to these profiles in an obvious place on your site. Anyone researching your company will want to see them in order to find reviews and recommendations from other users. Your site should also include a feature that allows visitors to share your content on social media. You want as many shares as possible. It’s free advertising for you and over time will draw a relevant audience to your site as people recommend you and your content.

Technically Correct

No one likes 404 errors, and there is no turn off quite like the “page not found” message. Plugins that don’t work, email addresses rendered undeliverable, missing page elements, Javascript that makes the page run slower than molasses, etc. These are huge discouragements to visitors and do not reflect well on your brand. They are also easily preventable. A functioning website free of errors is essential to creating an online platform that works for your brand and allows for expansion.

At Mainspring Technology, we make this process simple for you by providing the technological resources and support needed to establish and grow your business online. Don’t get snagged in the technical details. Let us help you create your web solution. Contact us for more details.