Every Friday I host (and record) a live Blab with someone I’ve met that has helped me along my freelancing journey. For those of you that can’t catch it live, want a review or just prefer reading a blog post to video, here’s a recap of last Friday’s for you!
I met Tony, co-founder of Sucuri Security at the Minnesota Bloggers Conference when we sat down next to each other during a talk about SEO and marketing. I thought he was just another conference attendee, until he shared that he had a keynote coming up – full of personality, Tony and I hit it off right away.
After the talk, we continued our conversations about the different projects we were working on. I invited him to come on my Friday Freelancer’s Happy Hour Blab to discuss all things website security. Tony’s super chill, so he was game!
Here are the main takeaways of our chat together:
What Is Website Security?
Website security is a challenging and often confusing topic. It’s kind of like a black box that people don’t understand – even though they want to. Everyone wants security for their website, but with all the terminology on the market and options available, it can be hard to know where to start – especially when you are just launching your website and business.
The online landscape has changed significantly in the last 10 years making it easy for anyone to get online. Most of the times, website owners don’t understand how it affects them when they hear big brands being hacked.
What can Sucuri do for me?
This is where Sucuri Security comes in. The company grew from two employees to over 75 people since it was started in 2010. The driver of the growth was an unusual business model for a startup – they weren’t in any hurry to bring a product to market that wasn’t ready or needed. Instead, Sucuri set out to build a product that solves a real problem.
Tony’s passion for his company and their mission shined through in his conversation with us.
“They come in when things are at their worst – when a customer loses a bunch of traffic because they get blacklisted by google. We make it as affordable as possible. We don’t try to upsell. If we truly love what we do, it will reflect in the work we do.”
Where do I start with website security?
The natural tendency, especially for new freelancers and business owners, is not to worry about website security until something bad happens.
The problem is that if you are making money with your website, you don’t want to wait until your site is down to have to worry about damage control.
Tony gave us two places to start:
- Login vulnerability – How you login to your website or anything that supports your website can prove to be the Achilles heel of your website security.
- Software vulnerability – Software can be exploited. Understanding what you need and standard maintenance practices will go a long way in helping protect your website.
Four tips for website security:
1. WordPress and other Content Management Systems (CMS) are so popular to hack because of all the plugins and themes we add to it.
When we add in other people’s code to our site (for example, when we install plugins and themes), it can give hackers an easy entry point.
2. Even if you aren’t selling something on your site, security is still important.
You are still building an audience and need a way to deliver your information.
If your site gets blacklisted, it can be a real mess to get it cleaned it up. The time that your site is down could cost you traffic and credibility. It’s kind of like identity theft – via the internet and of your brand.
3. Website security is not just about you.
While you may feel you have nothing to lose if your site was hacked, that doesn’t mean it can’t affect others. If your site has malware, it can spread to the sites of people who visit yours, and they could suffer more damage than you.
4. As the owner of your website you know more about your website than anyone else.
It’s your environment.
If a hacker logs in in the middle of the night, you can see that and a flag should be raised. The system tracks it, but you catch it. You are the first line of defense to detect things gone amiss on your own site.
What should I do now?
To being with, keep things simple. When freelancers get started they can get consumed with all the options. But the more complicated you make your site, the more complicated the types of problems you can have.
Think about why your are using that plugin and if it is necessary. With all of the options out there, it can feel like you need a lot of the plugins to make your site work. Start off with a couple and go from there to see what is really important for your business. Always keep in mind that more plugins will make you more vulnerable for an attack.
Tony’s two tips to help keep your website secure (that you can implement today!):
1. Use two-factor authentication.
We all use a username and password to login.
Add another layer on top of that where you will be prompted with an email or app for additional information. Most attacks are automated, so after the first authentication it won’t have the information for the second. That would only happen if you are being targeted.
2. Have a way to backup your site and always update.
Updates will add new features to the theme or plugin as well as fix any security issues that may have arisen. The company won’t necessarily broadcast that the updates are fixing security issues as not to raise flags for hackers, so make sure you stay on top of updating your site.
Where can I get help?
Sucuri Security can help you clean your site up quickly. But more importantly, they can help protect your site BEFORE you have a problem.
Prices start at just $16 per month for a regular ol’ blogger like me and you. Their website firewalls and antivirus software mean that someone else worries about security, so you can focus and bigger and better things.
Sucuri is passionate about website security and will help you in any way they can to get your site up and running and prevent it from being hacked in the first place.
I really enjoyed having Tony on the Blab with me to give us all these awesome tips for website security. Don’t forget to check out their website or bookmark it in case you run into security problems in the future.
If you want to watch our chat to hear it for yourself (and see for yourself how knowledgeable/fun Tony is), here it is:
Have you ever been hacked or know someone who has? Tell us about it in the comments!