4 ways to maximise site security and prevent hackers without impairing UX

At Moocow we’re all about knowing what’s best for your business, whether it’s the latest updates, design tips or marketing tactics. And when it comes to getting you your perfect website, we pride ourselves on making sites that are both manageable and secure.

Following the launch of the European Union’s General Data Protection Regulation laws (GDPR) which began May 25, everyone has gone a bit security mad, and businesses seem to be packing their site with security options that aren’t often necessary. This can in turn lead to problems with the speed of your site as well as making it easier for hackers to access your web page details. Our aim is to help you understand security options for your site clearly, allowing you to cut through the confusion and get to grips with the lingo, making it that little bit easier. Obvious options to take such as ensuring that your software is always up to date and backed up, are implemented by most. Below however, are a few simple steps you may not know about which may help pin down some good ways to make your site secure, without putting off customers to your site.

 

Restrict Your Plug-ins

We know it’s tempting, but try not to overload your site with various security plug-ins. Do your research, and pick two or three at most that do the job efficiently. Too many plug-ins will slow down your site and leave it vulnerable to hackers trying to access your private data. Researching what security plug-ins work the best and comply with GDPR regulations is the best way to establish this. It’s easy to be tricked by advertising telling you you need all sorts of different plug-ins, but ultimately many will end up doing the same thing, and it’s easy to find just a couple of plug-ins that will cover your site securely.

 

Use reCaptcha

When accessing a site, most of us know how frustrating it is having to declare we’re not a Robot… However, using reCaptcha does comes with a lot of benefits. It’s extremely helpful in protecting you from up to 95% of spam and data hack attempts. One downside is, using reCaptcha can have the potential to slow down your site. It’s a bit of a double edged sword. There’s both pros and cons to using it, but overall we feel the benefits outweigh any of the speed issues that may or may not crop up.

 

Implement Two-Factor Authentication

This method of security has become much more popular recently, especially with larger businesses and sites that hold especially personal data. For those who aren’t sure what this means, it’s pretty much the same as having to show two forms of ID when confirming your identity. In this case it will usually take the form of a password, and a personalised security code sent by text message to your phone. You’ll then be asked to submit this code on the website. Two-Factor Authentication can help significantly reduce the likelihood of hackers being able to impersonate your identity and log in to any accounts or personalised info.

 

Add a Concealed WP Log In Page

Most hackers will try to get into your site through your WP log in page or dashboard.

WordPress websites primarily all have a universal login URL of /wp-admin/ making it extremely easy for hackers to go directly to your log in page and use brute force cracking to hack your page. This is a trial and error form of hacking used to decrypt passwords and other types of log in details. To prevent this from happening, you change your URL to something more personalised using plug-ins such ManageWP. It allows you to customise your log in URL to something harder to guess, an easy example being /my-concealed-login/ but you can change it to whatever works best for your business. It may seem like a bit of a hassle, but doing this has the potential to stop almost 100% of hackers accessing your page.

 

GDPR and The Launch of WordPress 4.9.6

At Moocow we’re all about knowing what’s best for your business, whether it’s trending tech news, the latest updates, design tips or marketing tactics. And when it comes to getting you your perfect website, we pride ourselves on making sites that are both manageable and secure.

Following the launch of the European Union’s General Data Protection Regulation laws (GDPR) which began May 25, WordPress have made some important updates to privacy and maintenance options for site users. GDPR requires businesses or web page owners to be clear and upfront about how they’re using, collecting or sharing your personal data. It also means users have more choice and control over how their data is stored and shared.

Due to this, WordPress have decided to release WordPress 4.9.6 – the Privacy and Maintenance release. Features that can be found within the update include automatic changes to the comments section where users will be given options to whether their details will be saved on the browser. You can now also create a privacy policy page using a new default menu feature on the WordPress dashboard.

Although allowing for a speedier process, WordPress still recommends to add the privacy policy manually to the footer on each page of your website also. Webpage owners can also export or erase a clients data and send automatic requests asking for permission via email. WordPress have also created a handbook that guides you through privacy policies when using plug-ins which you can learn more about here.

95 other updates and modifications have been included in WordPress 4.9.6. including:

  • Mine” included as a filter in the media library.

  • When displayed in admin, plugin-ins will now show the minimal PHP version required.

  • New PHP polyfills for forwards-compatibility and proper variable validation have been added.

  • TinyMCE updated to newest version (4.7.11).

Take a look at the WordPress site here to read up on the more in depth details on all the updates included.