| |
Posts Tagged ‘website security’
Tuesday, April 16th, 2013
If you read the news about a recent WordPress hacker who targeted a massive number of WordPress blogs, relax. Chances are, yours wasn’t one of them.
What you should know is that there are two WordPresses.
There’s WordPress.com and WordPress.org. The former hosts blogs much like Blogger.com. The latter is a software that you download and install on your own server. If you installed WordPress on a server at your hosting company (Hostgator, BlueHost, SBM, etc.), then you weren’t targeted by this hacker. You have no worries.
However, that doesn’t mean your WordPress blog can’t be hacked. There are precautions you can take to prevent it from happening.
Matt Mullenweg, founder of both WordPress sites and chief developer of the software, said:
“Here’s what I would recommend: If you still use ‘admin’ as a username on your blog, change it, use a strong password,” wrote WordPress founder Matt Mullenweg on his blog.
That’s a great suggestion even if you downloaded WordPress and uploaded it to your server. The ‘admin’ account is a vulnerable account that hackers search for when trying to wreak their havoc. You should always delete it and create your own account with a unique username and password.
WordPress also has a few heightened security plug-ins you can try. There are too many to recommend here now, but know that you can increase your WordPress blog’s security in a number of ways.
If you’re worried that your WordPress blog might be vulnerable to attack, don’t panic. Contact a WordPress expert to help you increase your blog’s security. It doesn’t take long and it’s worth it for the peace of mind.
Tags: blog, blog security, website security, wordpress, WordPress plug-ins
Posted in Blogging for Small Business | No Comments »
Monday, February 27th, 2012
I am often surprised at the different mind sets between online and offline business owners. In reality, a business is a business – no matter the environment in which it is conducted. Security is a thorny issue with consumers. They want their data protected, especially when it comes to their email addresses, their postal addresses, and more importantly, their credit card numbers. When we talk about online security, there are number of issues at play – your customers data, your own data, and the integrity of your website.
Bricks and mortar business owners know all about security. Client information is often locked in a filing cabinet, in a locked office inside a locked building. Some businesses also have a locked fence around the perimeter, guard dogs, intruder detection systems, and even real people as nightwatchman.
Move from the bricks and mortar environment to an online environment, and security goes out the window. Small businesses in particular are vulnerable to attacks on their website. In most cases, they are attacked by those looking to create mischief, however, that mischief can result in your website being de-indexed by the search engines, and visitors warned off your site. It won’t take long to kill your business if there are no customers entering your site.
Customer data is important, and in recent years there have been several attacks on businesses attempting to gain access to that data. As a business person, you need to treat your online business in much the same way a bricks and mortar business. Locking your customers data away is not difficult – it’s even easier if you use third party billing systems, and only keep the minimum customer data necessary.
Your website is no different. That too can be protected in many different ways – and the required software doesn’t have to be expensive. Start with a quality host and half the battle is won. Small businesses are easily destroyed because of holes in their security. There are many tools for small business that can help plug holes, use them, and you and your customers can rest a little easier.
Tags: online security, website security
Posted in Tools for Small Business | 9 Comments »
Sunday, January 15th, 2012
What’s the biggest threat to many small businesses in 2012? Most small business owners would probably point at their competitors. Others may point to the changes made to search algorithms and the effect it may have on their search rankings. Whilst these are threats that need to be dealt with, the biggest threat could come from hackers.
There has been a gradual shift in fraudulent activity in recent years with hackers slowly switching their focus away from big businesses and on to small businesses. Big business has the time, money and resources to guard against any hack attempts on their data. Small business has neither the time nor money, and in many cases, the know-how, to protect their data. This makes them easy targets for hackers looking for the personal details of customers, particularly credit card data.
Data protection is an area that small businesses will need to deal with in 2012. Any breaches could leave a business wide open to legal proceedings from customers, and we are talking about group claims here, not just one off claims. Protection of data needn’t be a costly exercise. You do need a very secure website, particularly when it comes to securing your data. This will be one area where the cost of protection for your site could outweigh the risks associated with an unprotected website.
A professional website development team can help to ensure your website is safe from hacking. The cost would be minute compared to the cost of a successful group law suit against either yourself or your business. Is your data safe? Could someone hack your website and then proceed to download all the personal details of your customers. If you’re not full protected, talk to a professional webstite development team.
Tags: online fraud, small business, website development, website security
Posted in website development | 2 Comments »
Friday, November 4th, 2011
Copyblogger podcast radio host Robert Bruce interviews Copyblogger CEO Sonia Simone about privacy and other content matters. So the question is, is privacy important for marketers and small business owners?
I think it is.
Here’s the best way to think about this. Your clients don’t want you to sell their private information. They’d rather you protect it at all costs. So it’s in your best interests to protect and safeguard that private information. But online privacy goes beyond your ability or willingness to share your clients’ information.
Real privacy is also about protecting that information from all sources.
In other words, NOT selling your clients’ private information doesn’t make you a good guy if your website ends up getting hacked or you don’t use encryption data to protect private information during transit. So, as a small business owner doing business online, it’s just as important for you to put time and energy into thinking about your website’s security. That’s the deepest level of privacy protection.
So how do you protect your clients’ privacy information? Have you thought about it?
There are two aspects to thinking about your website’s security: Data encryption and firewalls. Put effort into making those two things happen on your website for your clients’ sake. Otherwise, you might find yourself without clients.
Tags: data encryption, privacy, small business, website security
Posted in website development | 3 Comments »
Sunday, March 7th, 2010
WebProNews reports that cyber phishing and brand hijacking are on the rise. The sad fact here is that these cyber fraud schemes are targeting smaller companies online than what they used to. It really means that no business is immune from attack, including yours. And I see this problem only growing worse.
There are really two sides of this issue. Phishing scams pray off the naivete of e-mail users. It used to be that the phishers would send out e-mail blasts to random users. Now they send out personalized e-mails to specific users of a particular site whose brand they are attempting to hijack – for instance, Amazon or eBay. This scams the e-mail user.
The second side of the scam involves the brand hijacking. The company whose brand is being hijacked is a victim in a way that the victim of the phishing e-mail is not. The phisher cons the e-mail user into divulging account details or personal information like credit cards but the brand loses credibility when the end user (the e-mail user who was scammed) views her victimization as being perpetrated by the brand that was hijacked.
It’s a two-victim crime. So how can you protect your brand from being a victim of cyber phishing and brand hijacking?
First, you’ve got to protect your site users’ personal information with vigilance. Always use secure firewalls and encryption for personal information being transmitted between you and your users. Secondly, conduct all financial transactions inside of a secure area of your site and take every precaution necessary to ensure phishers do not get their hands on your site users’ personal information.
Tags: brand hijacking, phishing, website security
Posted in website development | 2 Comments »
Tuesday, August 18th, 2009
Should you ever password-protect your pages? I firmly believe there are times when you should. For instance,
- When you offer a free download and you want to track how many downloads you are getting
- When you have a free offer attached to something else (ie. newsletter subscription, paid download, etc.)
- When you have a membership section of your website
- When you have privileged users who get special privileges everyone else doesn’t have
- When you want to store certain information online but you don’t want anyone else to have access to it.
There are lots of reasons you might want certain material you keep online password protected. But how do you do it?
It’s not hard. You have to create two files, an .htpasswd file and an .htaccess file. You want to keep the .htpasswd file in a separate folder from the .htaccess file. In fact, it should be above your website root, in the root folder of your server, so that hackers and bots can’t gain access to it. In that file you’ll store your password information and nothing else.
The .htaccess file will give browsers instructions on where to find your password when authorized users attempt to access the information you have for them. It will also block access to everyone else. That file will go in the folder with the information you want protected.
Those are the basics on password protection. I highly recommend protecting some of your information with passwords and not giving away everything without getting something in return.
Tags: .htaccess, .htpasswd, password protection, website security
Posted in website development | 2 Comments »
|
|
|
|
| |
|
