In case it’s there, or you visit a site which does so, then find out for yourself what this means and what are the cons of it. There are pros as well, however not for you, the pros are in favour of those who could pose a harm to you by attacking, hacking or stealing your valuable info.
Let’s say you’re discussing a confidential matter with your trusted partner, like a pain point you are experiencing or your net banking credentials; and a random person is listening to your conversation…
How would you feel?
Now that ‘random person’ could misuse the piece of information he has stolen.
That’s exactly what can happen when in a web browser. If there is a triangle with an exclamation sign along with “Not Secure” on the left of a website’s address, then it can be hacked very easily as they have loopholes which can be tapped.
Or when you happen to visit a website for e.g. ‘www.peypal.com’ instead of ‘www.paypal.com’. Wherein the former is faking to be your bank’s website and when you enter your login credentials, instead of reaching your bank’s database and logging you in, it goes to those who’re looking forward to stealing your information. Rest you are intelligent enough to understand what would happen next.
Even I am intelligent enough to tell that now you’re thinking how to avoid such a zemblanity.
Let’s dive deeper and understand ‘what is SSL (Secure Socket Layer)?’ and ‘how it works?’
In a web browser, let’s say chrome or safari, pull up any website for e.g. ‘www.xyz.com‘. Once the page has loaded, on the left hand side you’ll either see ‘http’ or ‘https’. Former has an open pad lock or warning sign along with it, whereas latter has a padlock sign. This indicates whether a website is ‘secured’ or ‘unsecured’.
A secure site is like driving with your seat belt on, thus taking preventive and precautionary measures to safeguard yourself. Same goes with websites as well.
When a website is on http, random people can access the data or information you send and receive via internet. When on https data gets encrypted, thus alienating the random people who may try to listen to your conversation.
All major hosting service providers give SSL Certificate for free while buying a domain and hosting service. If we talk about wordpress sites, there are various free as well as paid plugins that can be installed.
I strongly recommend buying an SSL Certificate, that too from a trusted source rather than going for a free one. Security cannot and should not be compromised. Unsecured sites can be hacked easily. Google gives high weightage to SSL factor while ranking a website.
Besides this here are some more suggestions to secure your website.
Password: Have a strong password to the admin portal of your website and keep changing your password every 45 to 60 days. Use a mix and match of upper as well as lower case letters along with numbers and special characters to make a strong password that is at least 8 characters long. Make passwords that are hard to guess but easy to remember. Make sure you password does not contain any of your personal information. Use multifactor authentication, if allowed.
Access to admin portal: All DIY kind of website development portals have pretty straight forward and common way to access admin portal. For e.g. A wordpress website with domain name as ‘www.xyz.com‘ will have a URL such as ‘www.xyz.com/wp-admin‘ to access admin portal. You can tweak this URL so that it becomes difficult to guess and eventually making it difficult for those seeking unauthorized access to your site or making an attempt to hack.
Backup: Get into the habit to take regular backup of your website. This comes really handy when you need to revamp your website or migrate from a hosting service provider to another. This way your website will be secure against cyber-attacks, and you can have your website up and running with minimal efforts.
Various plugins are available to back up your website. You can even get in touch with your hosting service provider as well to discuss your backup needs.
In addition to this avoid plug-ins and add-ons or third party tools and apps on your website from untrusted sources. Also keep updating your CMS/Wordpress as well as plug-ins as and when an update is made available.
Any themes and plugins installed inside your portal which have expired or have not been used since substantial amount of time should be removed.
Be vigilant about fake traffic on your website from untrusted sources, as well as bot attacks. If you do notice such an issue immediately take necessary actions to safeguard your website.
Above mentioned point when taken care of will not only keep your website safe and secure, but will also enhance your website’s Google ranking and trust worthiness.
Precaution is better than cure!
I would really appreciate if you spare a couple of minutes from your precious time and drop in comments. I love to read comments and accommodate learnings in my upcoming content. You can also let me know what you are looking forward to reading in my upcoming blogs.
Stay healthy, Stay safe and stay tuned for more such informative pieces of knowledge.