From the NHS in 2017 to just about every major company at one time or another, web security is a major issue in the modern business world.
With even small businesses increasingly going digital, and increasing functions automated through IT, creating and maintaining some degree of security is absolutely mandatory, regardless of the size of your business.
To help with that, here are six more ways to help protect your business website from cyber criminals.
Use robots.txt to hide your admin pages
Just like when securing something physical, the more important things to protect are the entry points. For a website, this means protecting your admin access pages.
This is a function of the ‘robots.txt’ file, which can help you hide pages you want to keep secure from search engines. It is much harder to hack a page that you can’t find in the first place.
Reconsider file uploads
Sometimes file uploads are mandatory, but wherever they exist, file uploads are a huge security risk.
Any upload could contain a malicious piece of code, whether intentionally or unintentionally. Seriously limiting file uploads and formats, and then ensuring that the files are aggressively quarantined and checked before being used, is key.
Use encryption everywhere
The HTTPS protocol, using SSL, allows a site to encrypt all traffic travelling to the site, and to the end user, preventing anyone with malicious intent from ‘listening in’ and obtaining private information.
If you are having your site built or updated, specialists such as Red Snapper (https://www.redsnapper.net/web-development-services-london), a web development company in London, can advise on encryption.
There is no way to hide your code
In order for your site to show up properly, the code has to be readable. While there are products that claim to obscure your code, or stop end users from reading the underlying source code, there is no way to do this and still have a site function.
Disable form autofill
Disabling autofill won’t stop ‘hackers’, but it will stop unauthorised access to your site that can occur through lost devices.
Employ robust backups
There is a computer science adage that if you don’t backup a file, you have to assume it is already gone. If the worst does happen, robust backups will allow you to repair your site with a minimum of fuss.… Read more ...