We have probably all heard the old adage, that ‘a chain is only as strong as its weakest link.’ The very same can be said about computers and websites. You can have 99% of your computer and your website secured, but it’s going to be that 1% that ultimately brings ruin to your overall security strategy.

In my first installment on computer and website security, i.e. Securing Your Computer and Website (Pt 1) I shared about the importance of anti-virus software, FTP passwords, operating system security patches, and software security patches. In this installment, Securing Your Computer and Website (Part 2), I want to discuss some additional housekeeping issues that should be done regularly, if not daily.

The following are precautions that you can take if you want to be proactive in protecting your Website from the possibility of security breaches:

1)  Continually update your Website software to be sure you have the latest security patches.  Most Websites are not custom built, but rather templates and fairly basic platforms that most Internet users, if they want tot take the time to learn, can personally set up their own Website. Some Websites are more complex and much more customized, and are way beyond the average Internet user’s capability to build or maintain. In both instances, there is a continual need to be sure that your Website is secure and that the platform or Website development tools you are using to build and maintain your Website are continually upgraded with security patches.

Blogs are becoming a huge part of the Internet Website business and the WordPress blogging platform is by far one of the fastest growing platforms in popularity. It is the blogging platform we recommend to all of our clients. This blog is built on the WordPress blogging platform. Whatever you decide to use for your Website’s platform to build your Website, be sure that you are always running the latest version of the main software that powers your Website, and if they provide plug-ins like that of WordPress, be sure to upgrade your plug-ins whenever you are told to do so. The cool thing about WordPress is that it updates itself whenever there is a new patch or security or stability issue that needs to be addressed.

Unfortunately, because of the WordPress popularity, many of the latest hackers are targeting WordPress. Whatever you are using in the way of a Website platform, you can help to avoid security issues by always seeing that you are running the latest version and that if you use plug-ins for that platform, that you keep them up to date.

2)  Get help from Google Webmaster to monitor your Website. Google has some pretty cool tools to help people use the Internet more effectively and securely. One of those tools is a Google Webmaster account, and it is FREE (I love that word… FREE). If you get your Google Webmaster account linked to your Website, should you be hacked by some cyber-dog, Google will send you an email to tell, and even what pages have been hit by the hacker. And, while your Google Webmaster account is not a prevention tool, it is a valuable free tool that is the cure to helping you solve your security problems. Google updates the pages they monitor every hour of every day, so for most Website owners who have and use the Google Webmaster account, Google is most often the first to notice your site has a problem, and lets you know.

3)  Confirm with your Web hosting provider that they keep their server patches updated. Most of us use third party web hosting (meaning you don’t have your Website hosted on your own computer). As a general rule, most people assume that their Web hosting company is proactive with their hosting servers. Unfortunately, they are not. But you can still make sure that your host is doing everything they can by asking. Send an email to their support department and ask them directly how often they implement server updates and security patches, and what their security methods are. When they respond, print out and keep a copy of the response in your Personal Identity Security folder for future reference (you attorneys know what I am talking about). It is sometimes worth paying a bit more to make sure your host is doing as much as you are to protect your site, your business, and you.

4) Check your server file permissions and see that they are secure.  Imagine having a really nice garden that you have spent months cultivating and it is just beautiful and something you are really proud of, and to get into the garden, there are 4 different gates that allow access to it. Three of those gates are securely locked, but you have not taken the time to lock the fourth. If a gate is left open, as gardening goes, something or someone come through it and there is no telling the damage that will be done to your garden (thinking of a particular neighborhood dog right now that really likes to dig under tomato plants). Server file permissions are sort of little like these gates to your garden. If you leave access to your server files (files that make your Website work and collect information from visitors or users) unlocked, the dog(s) will get in via these unsecured permissions that have been set incorrectly. Although they can be quite hard to understand, if you speak with your hosting company, they can make sure that your permissions are correct and secure.

I said earlier that no computer or Website is 100% secure or safe from hacker or virus attack. Truth be told, if someone really wants to get to you, they will. It’s just a matter of time. However, for most of the vast majority of computer users and Internet users, Website owners or Web hosting companies, the majority of computer and website attacks by viruses and hackers are not personally motivated at a particular user or company, and are not overly sophisticated. These are the attacks that you can be proactive in preventing if you are willing to take the steps I have outlined here in this two part blog post on securing your computer and Website.

My advice: “Update always and often, and for the love of God, stay away from porn, hate, violence, and rogue gaming sites.” Please feel at liberty to pass this information along to your connections on your favorite social media network by clicking on the share button below or tweet it to your friends and followers. It might save their computers or Website’s life one day, and maybe even more, like for instance your reputation and financial well-being.

Knowing how to prevent WordPress security problems with your Website can save you tons of time and aggravation if you will just take a few minutes each week to maintain the updates of your WordPress Website.  Let’s face it.  There is always someone who thinks it’s cool to hack into other peoples websites.  And, as great as Matt and his team are at WordPress, even their platform has security issues if they don’t keep providing security updates for the millions of users worldwide.  ”It’s not just a WordPress security issue, but a security issue with all Websites.  If you have a Website, you will be hacked.  It’s just a matter of time,” says David Ward of ITfamilyGroup.  To illustrate his point, he went on to say, “It happens to the best of the best at one time or another.  Listen, if two 10th graders can hack into the National Security Administration’s mainframe in a moment of boredom after school one day, if someone wants to hack your website bad enough, they will.”

If you are new to the Internet as a Website owner, don’t let this ominous first paragraph scare you.  Again, even with all of the security that even the biggest Website owners put in place to prevent hackers from gaining access to our several websites, we all will still get attacked from time to time.  One thing to learn that is the best way to prevent being attacked as a WordPress Website owner is to see that you keep your WordPress website updated. It only takes a few minutes a week to do this, so it is very doable.

For the techno idiots among us, we realize that it is easy to get yourself up to your ankles head first in your work day and forget to visit your website’s back office to check out the status of your updates.  If you are one of this esteemed group of techno, we suggest hiring a virtual assistant for about $30 per month to maintain the security and functionality updates for your Website so you can go on doing what you enjoy most – whatever that is.  We are not recommending this because we offer solution through our offshore outsourcing services through a sister company of ours.  It IS however our point in telling you because we really hate to see people frustrated and discouraged because they forgot to do updates or didn’t have their settings right in their blog.

As a coaching and training firm, we believe that our job is in part to be the pain reliever for our clients.  One way that we do this is to help prevent major headaches with our clients by educating them and/or taking this added responsibility off of their plates by referring them to someone who can do it cost effectively. After all, time is money, and if you could make more money doing what you do best, and pay someone less for their time, why not work smart, right?  The point is that whether you do it or we do it, without a proactive position when it comes to the security and operability of your Website, you will be met with many setbacks and costly delays in your goal as a successful Internet marketer.  This is especially true if you are a newcomer to the world of the Internet and Internet marketing.

Let us assure you that the updates are always important both for the WordPress platform and the various plugins you are utilizing as a part of your WordPress Website.  If you want to keep your Website up and running, and free of hackers and the typical mayhem they bring when they hack your website, the VERY BEST WAY to do this is to visit the administrative area of your website and check daily to see if there are updates and install them.  This most often prevents attacks to your website that the average hacker will attempt. We recommend this to every one who uses our Internet marketer’s hosting services, since the vast majority of them use WordPress for their Website’s platform.

Tutorial on How to Update Your WordPress Blog Platform

How to update WordPress using the automatic update option is the easiest way to do it. Why talk about the hard way, right?  This is what you need to know to do it.

1)  Every time you visit your website, you will see if there is an update available that can be installed to your website (see diagram below).  When a new version is available, you will see a notification in the WP admin area.  If there is a newer version of your WordPress platform, it is for a reason.  Do not negate it.

2)  Before beginning your update, make certain that you have a current backup of your website before you begin your upgrade.  It’s hard for us to put a number to just how many times we have had to help clients rebuild their websites after something went wrong with an upgrade to their Website where they did not do a backup of their Website.  The time and aggravation (and money) that you may have to experience if you do NOT keep a current backup of your Website is not worth neglecting the few minutes a week it takes to back up your Website. Before you proceed with the upgrade, backup your Website!

3)  Once you have completed the backup of your Website, click the ‘Please update now” option (blue hyper-link as shown below). When you do this, a new page will appear.

4)  At the prompt on the following page, click on the ‘Update automatically” – this is the fastest and safest way to do it and eliminates the possibility of confusion in the process if you try to do it using a round about way like that of downloading the new version to your desktop and then uploading it to your website using an FTP client. (If you don’t know what an FTP client is, you DEFINITELY want to use the ‘Update automatically’ option!  For those who are used to using an FTP client who want to do the upgrade manually, 1) download the newer version to your desktop, 2) upload it to the root directory of your hosting account.

For those doing this for the first time, the page will look like this as you are getting started:

5)  After you click the “Upgrade automatically” option, your page will start showing the process of of the upgrade.  If it is successful, your page will look something like the window below. The line you most want to see it at the bottom …  ”WordPress upgraded successfully” …. congratulations! If you see this, you have successfully updated your WordPress security update.