While many clients are aware that security is very important for their site, few understand the importance of web hosting security. The web host is a company that provides server space for your website to live.
Your website is only as secure as the place it lives.
I still today have clients who need to be educated on why they don’t want their website on their own servers. Simple answer: are you spending hundreds of thousands of dollars a year to protect your servers from the latest cyber attacks and malicious code and back them up in different locations? Also, do you have 24/7 support in the event of an issue to keep your site up and running? Uh, probably not. So, the first step is to use a company which is known for excellent up time and protection.
I have used Blue Host for many years. I’ll be the first to say it isn’t perfect (though it was close for many years). On the other hand, I haven’t found another host that I like any better. And I can count on Blue Host for web host security. They take care of my sites, and those of my clients, and knowledgeably answer questions both at my level AND at the level of my customers.
Web Hosting Security: The Weakest Link
The weakest link in web hosting security strangely is not the web host, especially for WordPress websites. It’s those who are using it. Even the best web host cant fight off an attack if the web owner or their employees, IT people and/or web developer are not careful about the website passwords.
Following are tips regarding all passwords to do with your website:
- Keep all passwords for your website together in one SECURE place. A spreadsheet is good for this. List whose name they are in, email and phone associated with accounts and expiration dates. Be sure you have the URL, company name, username and password for all the following:
- website domain name
- web hosting company
- website (if it uses WordPress or any other Content Management System)
- additional password protection that may be on the site
- any plugin keys or passwords
- Change all the passwords
- at least annually
- with change of personnel which would have access to it: your employees, IT personnel, web designer/developer
- if there should be a security incident of any kind with the site
- when you change domain or hosting companies
- DO NOT SEND PASSWORDS BY EMAIL – call and do it over the phone.
Google is Moving the Web toward Greater Security
Google wants the web to be a more secure place. It is penalizing sites which request password or other private information but are not secure sites (https://). It used to be relatively expensive to get a security certificate and secure sites also had to be on a dedicated IP (rather than shared as most hosting plans are), but certificates are available for free and some on shared IPs, so its something to look into even if you dont ask for secure information, but necessary if you do.
WARNING: NEVER give any personal information on a site that is not https://!
Even if you know and trust the intent of the company asking for it, the same can’t be said for the people who can hack it.
Contact Richterworks today at 847-577-0491 (or use our contact form) for more information.