Most people do not realize that a website is just as big of a target for hacking as a computer. The integration of devices today with internet-based backups, cloud storage, and remote connections make website security just as important as terminal security. As for any website based activities, there are some simple steps you can take to make sure your website, and its data, stay secure.


The basis of many websites today is in the personalization of user profiles, whether it be from the end user or administrative side. In order to accomplish this, logins must be created. One of the easiest ways for a data breach to occur is from weak login credentials. If you are an end user, try to avoid using simple name-based usernames. While these are easy to remember and may make you easily identifiable, they also make it easier to access an account. If you are a site administrator, always change the admin login name from “admin.” Default login names are the single easiest way to have a website breach on the administrative side. For end users and administrators, passwords are a simple game as well. Avoid using easy words and common phrases. If you must use a specific word or phrase, replace alphabet characters with case sensitive lettering, numbers, and special characters as appropriate. If using a phrase, try putting in special characters in place of spaces between words.


One of the simplest ways to secure a website is to be mindful of the protocol used. The standard protocol for most websites is HTTP or HyperText Transfer Protocol. This has been the standard since the early 1990s. In an effort to make sites more secure, HTTPS was introduced. This secure protocol used security certificates to encrypt each point of access to a website. The protocol was originally only used in emails and e-commerce applications but has quickly found its way to being the standard over the last few years. Browsers like Google Chrome even make it abundantly clear any time you visit a website that is not connected through the HTTPS protocol. In today’s world, where data security and privacy are of the utmost importance, a simple switch to the HTTPS protocol can save a lot of unnecessary stress in the operation and use of any website.

Update Your Website Regularly

Websites are just like device software, they are regularly updated to improve the security of the connection and patch parts that may become vulnerable to new cyber threats. Many content management system (CMS) like WordPress allow for security plugins to be easily added to any website. As an administrator or developer, it is important to stay up to date on any updates to these add-ons, as well as any new options to better secure your data. It does not end there though, any add-ons or plugins that you add to your site must be updated regularly to make sure specifically tailor security patches are up to date.

File Sharing

Be wary of allowing users to upload files to your website. Even a simple image can harbor malicious code that can create vulnerabilities on your website. As a web user, be wary of downloads executed without your permission, and of links that download informational files instead of redirecting you to another page. These files can easily become infected with malicious software that can open up your device to all kinds of security threats. Only download files from trusted websites or email contacts. As a website administrator or developer, try to keep any shareable files in a separate database to avoid any unnecessary breaches.


Another very simple way to protect your website is to make sure your hosting service is dedicated to security. If your developer provides hosting services, make sure their hosting client is reputable to minimize security threats. Also be sure that they develop the website with security in mind and handle security patches such as the ones discussed earlier. If you are handling your own hosting, do your homework, especially if you are going to be handling sensitive personal information. As with anything, the cheapest option is generally not the best, and a little bit of research goes a long way. This advice goes for developers as well, do your homework on your hosting options, and be sure to use every accessible tool to make sure your websites and hosting services provide the best security services available. You cannot build a good house on a weak foundation, and you cannot build a good homepage on an unsecured host.