How to protect your website from attack


Website attacks by hackers are on the increase and it doesn’t matter whether yours is a small start-up or a huge organisation. Whatever the size, you can be vulnerable to cybersecurity incidents involving malicious malware.  


If the worst happens and your firewall is somehow compromised, it can be the equivalent of someone throwing a brick through your shop window.  


As far as your clients or prospects are concerned, you’ve disappeared off the face of the earth – or worse still, if some less than savoury content has replaced your own it can do irreparable damage to your brand 


As well as the loss of revenue, if your customer data is compromised, you could be facing the threat of significant fines under the terms of the GDPR. You can even be blacklisted by Google if your site is deemed a risk and that would be catastrophic for any organisation.   


These are real worries in the times we’re operating in and are unlikely to lessen as attacks become ever more sophisticated.  


At Secret Source, we often get called in to help businesses with failing sites or ones that have been breached, and there are some smart steps you can take to be protected: 


1. Update your plugins 

These need updating on a regular basis, as outdated software is open to attack. When selecting plugins or integrations, assess the creator and their rating and be conscious to ensure you’re always on the very latest version.  


2. Add an SSL certificate 

A Secure Sockets Later (SSL) certificate provider gives you an encrypted connection so that if your website is transactional, the connection between yourself and your customer remains safe.  


3. Choose a secure host 

There are so many hosting providers out there, take the time to thoroughly investigate one that can offer you the right level of security. You don’t need to pick the most expensive one but be careful not to scrimp on this service as if you select a cheaper option, you might be left to your own devices if a breach occurs. You will then need to call in the services of a company such as Secret Source to get you out of the predicament.  


4. Get support 

Having the right support behind you is crucial and will give you peace of mind by checking that every aspect of your website is as safe as can be from the start.  


5. Pick difficult passwords 

It’s surprising how many people are still using the same passwords for all their systems and how simple many of them are. Not taking this seriously is making life easy for hackers. Choose long passwords which can’t be guessed and combine letters with numbers and symbols. Remember to change them on a regular basis too. 


6. Secure code 

Ensure that any code that is written is secure and not leaving your site open. Code that has been copied from forums or libraries should be checked so you are not left exposed. These are great ways of adding value to your site but be careful and think ‘security’ when including them. 


For a heavy duty, robust strategy, get yourself a cyber partner. They will work with you on penetration testing, which is a controlled form of hacking to see how secure your website is and will then fix any flaws that this exercise shows up. They will also be able to carry out communication drills so that if an attack does happen, you’re fully prepared in how to tell your stakeholders about it. And all importantly, they will be there to fix an attack by identifying it and building a barrier, should anything dangerous take place 


There will of course be costs associated with all of this but the costs of not being prepared and your website being infiltrated will be far higher.


If you need a brand-new website, check out our recent blog on Top Tips for buying a new website to help get you started! 


For more advice on securing your website, get in touch to speak to one of our specialists and we can talk you through what we could do for your business.






Written by Nick Carlson