Securing Your Website

Greetings FlockHosters! One of the common questions that come through lately is “How do I secure my website?” so let’s dive into some options on how you can better secure your website and access to it!

Let’s Encrypt SSL

Off that bat let’s add a padlock to your website, and let’s do it for free. Yes free.

I have mentioned Let’s Encrypt certificates on the blog a few times, we are actually listed on Let’s Encrypt’s site as a provider (We are famous!) however not until the new build of the site will it be listed as a feature, but it is active on all accounts now. How do you enable it? Well good news, there’s a new video for that:

 

So it’s that easy! Still, if you have a question on adding this, don’t hesitate to ask for more help! But if you just walked through this – your site is a bit more secure now you are using SSL based content! If you are using WordPress and want to make the entire site over to SSL, just try the Really Simply SSL Plugin a great plugin to make all of your content SSL based. If you are getting some content that is not all going SSL try Why No Padlock – A great site to diagnose what’s not entirely secure.

Site File Management

Now if you are familiar with cPanel you’ll know there is a web based file manager but for most of you, it’s using FTP. Be it FileZilla, CuteFTP, SmartFTP, Transmit, Cyberduck you can quickly and easily migrate to the SSL version of communication so your content isn’t flowing over plain text. How do you do this? Look for an SSL option for starters, for most this should work just fine, however, if you hit any snags it will become a little bit easier this month using SSH Keys & SFTP – I’ll have a full guide on this walking you through it on Windows and Mac.

Now if you are using a CMS for site management, please make sure you use a plugin or adjust your configuration over to SSL as well so the easy option is in your site configuration where it lists your URL, likely something similar to this:

Site URL: http://mywebsite.com

Simply change it to:

Site URL: https://mywebsite.com

A lot of difference a simple S can do 🙂 This will force most of the common URL’s for your site to using the SSL login for your administration and keep things you do from writing an article to logging in all done over a secure connection.

Login Smart

If you are on a connection at your favorite local spot (I’d say the coffee shop, but honestly just about anywhere – McDonald’s, for instance, has access!) be sure you are logging in securely and your connection is secure!

If you are a Chrome User, I highly suggest checking out some of these options may offer a free browsing security, there are commercial options out there too like Private Internet Access which offer some great features for when you are browsing in less than safe options.

If you want to, however, have a browser set aside for secure browsing, Opera has you covered and even has an Android App & iOS App to secure your mobile devices too!

Auditing Security

Now last on my list is auditing. Your site may not be the first thing in your mind on a day to day basis, but to hackers and bots it’s a spot it can get its grubby little fingers into and do some damage, so why not set up a bit of free auditing on your site for some of the most common issues by using Gravity Scan.

Gravity Scan is a great app which you don’t even have to install anything on your site to get a scan! In a few minutes, it will scan and review all your visible URL’s and give you a run down if it finds anything.

Now if you want it to go deeper, it provides a single PHP file for you to download, then upload into the main folder of your website and it will deep scan, every file & folder gets a once over – now as you can see here on the blog on the right-hand side – I’ve got mine scanning daily and as proof of security it shows up with the last date things were scanned.

 

And that’s it!

While this isn’t maybe the most comprehensive article that could be written and fine tuning system security, etc. it will help get your feet wet! If you have any questions beyond what is covered here please do not hesitate to reach out! Here to help!

Let’s Build a Website: Planning

Welcome to the first part of a series of posts on building a website – Now these are not a complete and comprehensive resource, there is always custom coding, advanced elements you could do, but this is more of a guide in getting starting and publishing a simple website that will get you online and give you some basic learning in the process. So let’s dive in!

Planning

If you want your site building no matter how you are building it – you need to plan it out. The idea of just buying a domain and suddenly you are “Online” is one which as I’ve seen time and time again bring a site to be done about 25% of the way then you are unsure where to go, and you simply walk away, to “Work on it another day” and we all know how that goes 50% of the time.

I’ve done it so many times with my project websites, I have a rough plan for 45% of the site, and the rest will “get done” as I go along, but so far there is a project or three that I need to finish, and I’ve settled to working on continual Google Docs to work on it on the go, while I’m trying to get a baby to sleep, or when I’m in a resting spot with a project.

So how to do it? Well I’m going to use one way that’s free, but again feel free to adapt as you see fit.

Using Google Drive

I love Google Drive, if you have a Android or iOS Smartphone you can get the Drive application from Google and in your Gmail account you can create a folder of all your content. So if you are unsure, login to http://drive.google.com and you’ll do the following steps:

My_Drive_-_Google_DriveMy_Drive_-_Google_Drive 2

 

1. Create a new folder and give it a simple name, I used “My Website” but if can be anything to identify what your website information.

My_Website_-_Google_Drive

2. Now you have your new folder, its blank and ready to create some written information.

Untitled_document_-_Google_Docs_and_ThrustNetworks_—_Inbox__15178_messages_

Untitled_document_-_Google_Docs

3. Create a document, rename it based upon the page you want to create: for instance, I made homepage.

Homepage_-_Google_Docs

4. Build your Pages! A separate doc for each page you want to create!

Homepage_-_Google_Docs 2Homepage_-_Google_Docs 3

5. Have others help with editing, just share to an email, and give them permission to edit with you! You can both work on it in real-time if needed!

Now the great thing about Google Drive is you can drag in ANY file, so if you have more resources to add in like photos or a logo, just drag them into the folder you created and it will all be there when you are ready to go!

Explore in this what works for you, some folks use Folders to build out sub-pages like About Us folder = all sub pages in About Us like maybe Company Information, or Contact Us, build those pages out however you like, but don’t be afraid to try something different! This is again just a guideline not a “DO THIS OR YOUR SITE WILL FAIL!” — Everyone is different and there are plenty of options!

 

Part two in two weeks! Stay tuned!