Over the years, we have optimized the security of our platform by developing sophisticated security systems, introducing a variety of security tools, plugins, and features, and constantly analyzing and monitoring traffic and patterns to recognize potential threats. While all of this has made us one of the most secure and trusted web hosting providers in the world, we know that platform security alone is not enough. The involvement of webmasters and site owners is equally important to properly secure a website. That's why we've compiled a list of the most essential security features you can enable that can make the difference between a hacked website and your peace of mind.
Use SSL
Nowadays, an SSL is absolutely essential for any website. An SSL certificate encrypts the connection between your visitors' browsers and your website's server so that data transmitted between the two, such as personal information, credit card details, login credentials, or others, cannot be intercepted by hackers.
SiteGround customers get free standard and Wildcard SSL certificates with all hosting plans, regardless of the number of sites. Make sure you have your SSL installed and traffic properly redirected over HTTPS from Site Tools > Security > SSL to ensure connection encryption.
If you have a commercial website or are processing online payments, you may want to consider our Wildcard Premium certificates that come with a $10,000 underwritten guarantee and a dynamic site seal to build credibility and trust among your visitors.
Protect your access
Your login credentials are a gateway to your account and personal information (and when it comes to websites, your domain, site, and emails, too). There are several things you can do to ensure that your login credentials are secure, and only you or people you've authorized have access to your website:
Strengthen your passwords
Despite all the knowledge available today about weak passwords and the importance of never sharing login credentials with anyone, one of the most common hacks is the one that compromises credentials through attempts to guess or brute-force easily cracked passwords. Having a long password, consisting of several characters and a combination of words, letters, numbers, and symbols is an easy and super-effective way to keep your accounts secure. Remember to use different passwords for different sites and applications, and never share your passwords with anyone, or write them down in publicly accessible places like post-it notes on your computer.
Use 2-factor authentication
No matter how tough your password is, there’s still a chance a hacker could gain access to it through a brute-force attack, virus, malware, or otherwise. With 2-factor authentication enabled, anyone trying to access your data must go through a secondary step. 2FA adds another layer of authentication, usually through a dynamically generated temporary code (accessible only from your phone or email, depending on settings), that can’t be guessed or hacked and makes your login defense bulletproof.
For the SiteGround Customer Area, which is the gateway to your domains and sites, you can easily enable 2FA from Customer Area > Access & Profile .
To log into the WordPress app, you can install and activate the SiteGround Security plugin and enable the 2FA feature. Download the plugin here , or install it directly through your WordPress admin area.
Monitor your website
Scan for malware regularly
There are many ways a website can get infected with malware: through compromised login credentials, infected or fake plugins and themes, corrupted software, and more. Malware can have a serious impact on your site and your online business. The best prevention for it is a secure web hosting platform and constant monitoring. If you are a SiteGround customer, you can activate Site Scanner – a service that scans your website on a daily basis and notifies you of potential malware and other threats. Recently, Site Scanner helped save thousands of WordPress sites from a particularly nasty malware.
Block suspicious traffic
There are cases where only the person managing a website may notice specific patterns or suspicious activity. We have provided powerful and easy-to-use tools to block specific IP addresses or entire countries , allowing our customers to control who accesses their website and prevent unwanted visitors.
While backups don’t protect you from hackers directly, they do keep you safe from other unexpected events: a site update that may have gone wrong, an infected site that needs to be rolled back to a clean version, and any other situation where a backup is all you need to get your site online. We know how often backups can save an otherwise dire situation, which is why we make automated daily backups of all sites hosted with us and keep them for up to 30 days. You can easily restore your website, files, or databases for free with just a few clicks from Site Tools > Security > Backups.
Take special care of your WordPress
As the world's most popular CMS, WordPress is also one of the most popular israel whatsapp number data targets for hackers. While all of the above tips apply to WordPress, there are a few additional things you can do to ensure your WordPress site is well protected from cybercriminals and malware.
Keep your WordPress up to date
Keeping your WordPress up to date is essential for the security of your website. If your site is hosted with SiteGround, we've got you covered. All WordPress sites hosted with us are automatically updated to the latest stable version of WordPress (only after it has been thoroughly tested). Free plugins are also automatically updated, depending on the user's settings.
Add an extra layer of security with a trusted security plugin
There are WordPress-specific exploits and vulnerabilities that are best managed within WordPress. Some of our best WordPress engineers have developed the SiteGround Security plugin (free for everyone) which consists of a number of tools and features designed to keep your WordPress safe and secure. It helps site owners disable XML-RPC if you don't need it, add XSS protection, protect system folders from being injected with malicious files with just 1 click, and much more.
