Below are some of my favorite tips for securing your Wi-Fi connection, how to choose a secure web host, and notes relating to your favorite content management systems (CMS’s), like WordPress and Joomla
Wi-Fi security, do’s and don’ts
Unprotected networks, like most coffee shops or cafes, may harbor password thieves. Before connecting to your website’s login page, be sure your site has been secured via SSL.
You’ll know your site utilizes SSL if your login page website address has a nice lock symbol to the left or your website address.
For example, see the URL bar above. Note how it has a lock to the left of the web page address. This indicates SSL has been installed for HackRepair.com. If your website does not have a lock image, for SSL, contact your web host for more information on how to set up your domain name for SSL.
Without SSL, when you log into your WordPress dashboard you’ll be sending your password “in the clear,” which means that anyone monitoring your unsecured Wi-Fi connection will be able to read your login username and password.
Connecting securely via SSL is particularly important outside of the U.S.A., where hackers are known to routinely monitor unprotected networks in Hotels and restaurants for unsuspecting tourists using the local Wi-Fi to connect to their bank accounts, WordPress dashboard, et al.
How to choose a secure web hosting company – Questions to ask a new web host
Looking for a security conscious web hosting company?
Like to have an idea how good a prospective web hosting company is security-wise, before purchasing their services? Send this email questionnaire off to your web hosting company to find out what they really think about security:
Send this email questionnaire off to your web hosting company to find out what they really think about security:
Hi Mr. Web Host,
Can you reply back with answers to my hosting questions below please?
Does [my | the] service plan [enter your service plan] include the following options:
– Secure POP/IMAP available?
– SSH available?
– SFTP available?
– Is an SSL certificate available, and what is the cost?
– Will you scan my site daily for malware and notify me same day if malware exists on my site?
– If there is malware on my website can you assist me in clearing the malware, and what is the cost?
– Can you help me ensure my web hosting account is PCI compliant?
– Are my daily and weekly backups automated, easy to access; and do you charge for backup recovery?
Slightly off subject:
– If I have any questions about WordPress, or if I encounter any problems with my website’s plugins will you assist me?
– If I have an emergency or support question is there someone there I can speak to by phone or real-time chat?
+ Has your email account or address been compromised? We have an App for that…
Have I been pwned? Go here to check whether your email address has been compromised.
And my article, “Email Blacklist Removal Website Addresses“
+ Check your WordPress installation for vulnerabilities using these helpful links:
Recommended WordPress Security Articles
+ Must watch video regarding Joomla Security (in the “could not have said it better myself” category)
– An Introduction to Joomla Site Security, by OSTraining.com
Why did I write this article?
Website security awareness is a big part of our full-time job here.
If you find your website is compromised and have questions, please feel free to call or chat with us. We’ll take care of you like family.
Listen in to learn more about what I do: Listen to Jim’s Hack Repair voice introduction