Monthly Archives: May 2016

Why do you need SSL?

Perhaps most of you still wondering why my website need SSL?

SSL functions to encrypt information between a server and a client. It is a link between a web server and a browser to make sure all data that is transmitted is protected and not intercepted by malicious parties.

 

Data protection

data protection

There are many personal and private data such as log in details, credit card information and personal information like identification number , address and telephone numbers. SSL makes sure datas are sent to intended recipients only. This is especially important for those who operates e-commerce sites or even membership sites that handle sensitive information on a daily basis. 

For corporate use, SSL helps to encrypt sensitive information such as email password that are transmitted between the email client (e.g. Outlook) and the email server.  Using security protocol such as SSL/TLS, the email server verifies its identity to the email client by sending a certificate that is trusted by the user’s software, or by a third party trusted by it. Doing so ensures that the email client isn’t sending messages to an imposter. Once the client knows it can trust the server, a key is exchanged between the two, which allows all messages sent and received to be encrypted.

 

Make sure your website is secure

greeen padlock

Having a green padlock on the URL bar assures your site visitor that you are indeed a legit site and not a fraud. Https instead of http may assure the visitors that your site can be trusted.

 

My website does not handle sensitive data, do I still need SSL ?

seo

SSL helps in improving SEO ranking.Google had previously mentioned that secured sites will have higher rankings in the search engine. If you want your site to be noticed and have a higher traffic, you should definitely consider installing SSL.

 

Does SSL reduce the website’s speed?

http2-fast-websites

Yes, encrypting and decrypting data will indeed consume time and cpu resources, thus slowing the site’s speed. However, you can opt to exclude some of your webpages where SSL is not necessary. In addition, http/2 is here to solve the problem and improve website’s performance even through SSL connection.

 

How to obtain SSL certificate?

1.You may buy an annual SSL certificate from Serverfreak.

2.Purchase a hosting package that is semi-pro or above that comes with free shared SSL.

Why you need a website for business?

 

 

Many companies contemplate on the idea of online business as it takes up a lot of time and money to manage and update. However,  an online business is totally worthwhile. The proof is that some companies had based their business completely online and become successful.

 

Information is power

information is power.

By having a website, you can tell the public what your business is all about , either through words, illustrations or even videos. Make an impact on the world by letting your business be renowned. It may even be like a portfolio for potential clients, future partners, engaging employees to gain more insights on the company and its ongoings. Showcases of previous works and successes can even boost the company’s image.

 

Professionalism

professionalism

A website mirrors a company’s image. Having a website earns you credibility and makes your business more legit and trustable in the public’s eyes. Depending on the presentability of your website , it can reflect your company’s efforts and may influence how the public perceive your company. In short, having a website is a way to convince others that your business is indeed competent.

 

Reaching out

internet concept word network

A website enables you to expand your business to a broad range of potential customers, internationally and globally. With more people having knowledge of your business, it may bring around a lot of opportunities and unknown chances.

 

Available 24/7

available 24.7

By having a website, you may meet customers’ expectations to be available all the time. Customers may still proceed with their online transactions without haste, or obtain useful information from the website. Customers are happy, and business is rolling!

 

Communication with customers

important update

A website is convenient for you to keep your customers updated with the latest products, offers and promotions. Customer support through website is also extremely useful for customers either through live chat or tickets.

 

Marketing

online adertising

Advertising online is made all the more easy by owning a website. It can also grow your business by always targeting the right groups of customers to visit your website.

 

Attracting talents

attracting talents

Last but not least, a website can also attract talented people to apply for a career in your company instead of posting a vacancy post in a job search site. Without the need to advertise the job posts, people may contact you willingly for the right positions.

Best practices for securing your WordPress

 

WordPress-Security

No website is foolproof to hackers, not forever anyway.

 

Having your website hacked is a very troublesome matter. In some instances you may successfully restore your website to its original state, in others, you may lose important files or have your website completely wiped clean. Thus, it is of utmost importance to maintain the security of your wordpress site to prevent hackers and hassle. Below are the best practices for your wordpress security.

 

Update your wordpress application

images

In your wordpress dashboard, if there is any red indication for new updates, you should keep in mind to update them. And this of course includes your wordpress themes, plugins and so on. If you are the type that seldom do site maintenance, you may also set your plugins and themes to update automatically.This said, you should still log into your website once in a while to make sure that your website is up and running. However,please note that setting automatic updates is not suitable for those that are using plugins that are only compatible with certain wordpress version.

 

Download from trustable sources

wordpress-plugins-large

In addition, when you are looking for plugins and themes to enhance your website, do remember to download it straight from https://wordpress.org/plugins/ or trustable sources only for security purposes. Never go for free premium or pirated plugins although tempted because it may contain malicious codes which make it all the more easy for hackers to access your site. As plugins and themes are gateways for hackers to access your website, think carefully and plan before you install any plugins as you do not want unnecessary site vulnerability. If your website can function perfectly without that plugin, better still, don’t use it. If there is any old plugins or themes that are not in use, you should delete and remove them permanently too.

 

Use strong passwords

passwds

As we often know, we have to own strong passwords to prevent hacking. You may thus enforce a strong password using random characters or by using password generators. Mind that all users have to use equally strong passwords as well. Besides, you should also change the default “admin” username to a different one so that others cannot guess it easily. You may change it in phpMyAdmin.

 

Two step Authentication

duo-two-factor-authentication-wordpress-plugin

 

 

 

Admins and users can be verified using other means like mobile phones or hardware token instead of depending solely on passwords. You may install plugins like the Two

Factor Auth(https://wordpress.org/plugins/two-factor-auth/) or Clef Two-Factor Authentication(https://wordpress.org/plugins/wpclef/) and so on.

 

Security Scanner plugin

virus-scan

You may also download a security scanner plugin to protect your website against exploits and spam injections. There are several scanners available, an example is Antivirus (https://wordpress.org/plugins/antivirus/). You should often conduct these scans to check for malicious codes in your files and plugins so that you can act immediately to remove them before it is too late.

 

Backup Your website

three laptops with a world map connected to the blue 3D word BACKUP

In case your website is being compromised, you can quickly restore your website with a backup. Even though Serverfreak provides backup files that are 7 days old, if you do not realise the defaced website soon enough, you may end up with no backups. You may install plugins like Backup Buddy,, Duplicator, Vaultpress and so on to be on the safe side.

 

Please keep in mind that a website’s security has to be maintained from time to time and being outdated is a security risk. The Serverfreak team can only help so much to keep your website secure as this is a shared responsibility. Hopefully through our advices and services, you will find it easy to build a secure WordPress site.