How do I secure my website?
Securing your website is essential to protect your data, users, and business from cyber threats. Elitehost offers several built-in features, such as free SSL certificates and Imunify360 security, to help keep your website secure. Follow the additional steps below to further enhance your website’s security.
Ensure that your website’s CMS (such as WordPress), plugins, and themes are updated regularly. Hackers often exploit vulnerabilities in outdated software. Keeping your site updated reduces the risk of security breaches. Only download and install plugins and themes from trusted sources, as unverified websites may offer free themes that contain embedded malware.
If you’re using WordPress, you can enable automatic updates. Follow our guide here: How do I enable automatic updates for WordPress, themes, and plugins?
Always use complex passwords that combine letters, numbers, and special characters. Two-factor authentication (2FA) provides an extra layer of security by requiring a second form of verification, such as a code from your phone, when logging in.
Learn how to enable 2FA in cPanel here: How do I enable Two-Factor Authentication in cPanel?
Avoid using “admin” as the username for your website’s admin panel, particularly in WordPress. Hackers commonly target this default username in brute force attacks. Change your admin username to something more unique and secure.
A Web Application Firewall (WAF) helps block malicious traffic before it reaches your website by filtering out harmful requests. For WordPress users, you can easily enable a WAF by installing security plugins that offer this protection.
Some popular WordPress security plugins with WAF capabilities include:
Wordfence: This plugin offers a built-in firewall to block malicious traffic and protect your website from common attacks like SQL injections and cross-site scripting (XSS).
Sucuri Security: This plugin provides a WAF, malware scanning, and other security features to protect your site.
Simply search for these plugins in the WordPress plugin directory, install, and configure them to help safeguard your website.
Elitehost provides a free SSL certificate to secure your website. SSL encrypts data transmitted between your site and its visitors, protecting sensitive information like login credentials and payment details.
SSL is enabled by default, but if you’ve recently registered a new domain, you may need to refer to our guide: How do I get a free SSL certificate for my website?
Elitehost includes Imunify360, which offers automatic malware detection and real-time protection against threats and attacks. This robust security tool is enabled on all hosting packages to help safeguard your website. For further information refer to the article: What is Imunify360 & How Does It Work?
By following these steps and utilising Elitehost’s built-in security features, you can effectively protect your website from cyber threats. If you have any questions or need further assistance, feel free to contact our support team or email helpdesk@elitehost.co.za.
1. Keep Your Software Up to Date
Ensure that your website’s CMS (such as WordPress), plugins, and themes are updated regularly. Hackers often exploit vulnerabilities in outdated software. Keeping your site updated reduces the risk of security breaches. Only download and install plugins and themes from trusted sources, as unverified websites may offer free themes that contain embedded malware.
If you’re using WordPress, you can enable automatic updates. Follow our guide here: How do I enable automatic updates for WordPress, themes, and plugins?
2. Use Strong Passwords and Enable Two-Factor Authentication (2FA)
Always use complex passwords that combine letters, numbers, and special characters. Two-factor authentication (2FA) provides an extra layer of security by requiring a second form of verification, such as a code from your phone, when logging in.
Learn how to enable 2FA in cPanel here: How do I enable Two-Factor Authentication in cPanel?
3. Don’t Use “Admin” as Your Username
Avoid using “admin” as the username for your website’s admin panel, particularly in WordPress. Hackers commonly target this default username in brute force attacks. Change your admin username to something more unique and secure.
4. Install Security Plugins for Web Application Firewall (WAF)
A Web Application Firewall (WAF) helps block malicious traffic before it reaches your website by filtering out harmful requests. For WordPress users, you can easily enable a WAF by installing security plugins that offer this protection.
Some popular WordPress security plugins with WAF capabilities include:
Wordfence: This plugin offers a built-in firewall to block malicious traffic and protect your website from common attacks like SQL injections and cross-site scripting (XSS).
Sucuri Security: This plugin provides a WAF, malware scanning, and other security features to protect your site.
Simply search for these plugins in the WordPress plugin directory, install, and configure them to help safeguard your website.
5. Ensure Your SSL Certificate Is Active
Elitehost provides a free SSL certificate to secure your website. SSL encrypts data transmitted between your site and its visitors, protecting sensitive information like login credentials and payment details.
SSL is enabled by default, but if you’ve recently registered a new domain, you may need to refer to our guide: How do I get a free SSL certificate for my website?
6. Leverage Imunify360 for Extra Security
Elitehost includes Imunify360, which offers automatic malware detection and real-time protection against threats and attacks. This robust security tool is enabled on all hosting packages to help safeguard your website. For further information refer to the article: What is Imunify360 & How Does It Work?
By following these steps and utilising Elitehost’s built-in security features, you can effectively protect your website from cyber threats. If you have any questions or need further assistance, feel free to contact our support team or email helpdesk@elitehost.co.za.
Updated on: 21/10/2024
Thank you!