blue banner
Website Security

Website Security Checklist – Is Your Website Secure?

page title border

Every day, websites are exposed to hackers, malware, and other security threats. It’s up to website and business owners to ensure their websites are secure in order to assure customers that their information is safe while visiting a website.

If it’s been a minute since you did a website security health check, use this checklist to make sure your site is safe.


1 – Check Your SSL Certificate

A Secure Socket Layer certificate secures your website by encrypting sensitive data. While there are various levels of SSL certificates, the business you conduct online will determine exactly what you need. For example, if you collect credit card numbers, social security numbers, and other sensitive data, you will need a more advanced organization or extended validation (OV or EV) SSL certificate. For a blog or website that doesn’t collect data, a basic domain validated (DV) SSL certificate is sufficient.

If your business changes over time and you begin collecting customer information, you may need to upgrade your SSL to better secure your website.


2 – Secure & Update Passwords

Regularly updating your administrative passwords, and using strong passwords, is essential to thwarting hackers. According to the 2020 Verizon Data Breach Investigations Report, “password dumper” rose to the top spot among breach malware varieties, and more than 80% of hacking breaches involve brute force or the use of lost or stolen credentials.

We recommend using a password generator, like LastPass to change your passwords every 30-90 days. This includes employees and other users—like those who post content on your WordPress site. The type of business you have, and the number of people with login access and their roles, will determine the frequency you should update passwords.


3 – Limit Users & Permissions

On the topic of users, it’s a good idea to keep a tab on the number of people who have access to your website and what their permissions are. Content management systems, like WordPress, offer different permission levels, like administrator, editor and author. This allows you to control access, track who does what, and minimize security vulnerabilities. Periodically check to make sure permissions are current, and unused user accounts are deactivated or deleted.


4 – Regularly Perform Updates

Just like updates to your computer and phone operating systems, and updates to the apps you use, your website and various plugins require regular updates—both for security and performance. But remembering to perform updates is a task we often see get put on the back burner, both due to lack of time or resources, or lack of knowledge and fear that an update will cause an issue on the site. Unfortunately, ignoring updates can have negative consequences for your customers and ultimately for your business.

One solution is to outsource your website maintenance to an agency. Professional developers will update your site on a regular schedule. Plus they know how to successfully perform updates, and will be able to roll back updates and fix issues if something does go wrong.


5 – Add AVS & CVV To Checkout

For e-commerce websites, adding an address verification system (AVS) and credit card verification value (CVV) field to your checkout process further secures your customers’ financial information, prevents credit card fraud, and ensures shipping accuracy.


6 – Install Endpoint Security Solutions

So far in 2021, the AV-TEST Institute has registered more than one trillion new malicious programs (malware) and potentially unwanted applications (PUA).

While many commercial antivirus tools exist, we like cloud-based endpoint security solutions. These solutions enable businesses of every size to easily manage all users across all devices to ensure company data is protected from malicious attacks and viruses. This is especially helpful in today’s environment when many employees are working from home and accessing company data from personal devices.


PixelPeople Makes Website Security Easy

If the tasks involved with website security and maintenance feel daunting, let PixelPeople do the heavy lifting for you! We offer SSL certificates, website maintenance and security checks, flexible website hosting packages, domain registration and more. We’ll create a plan that optimizes your website performance and maximizes security for the ultimate peace of mind for you and your customers. Contact us to learn more and get a free quote.


Let's Get Started!