Site Security

March 30th, 2021
    security2 This may seem like a strange place to talk about site security but, really my friend, now is the time. When you begin working to monetize your site, you start handling more sensitive accounts and data relating to financial matters. Don’t leave open vulnerabilities that may lead to your website being stolen right from under you. Imagine letting cyber-criminals ruin all the good work you’ve done so far. There are four common problems site owners miss when focusing on making money off their website:
  • Compromised Accounts.
  • XSS Vulnerabilities.
  • Public Networks and Mobile Attacks.
  • Scams and Social Engineering.
Compromised Accounts. Whether they are related to affiliate programs, advertising, or simply an email address for newsletters and reader interaction, your accounts are valuable assets. If compromised, you could be dealing with an emergency. To keep them under your control you should take the following steps to secure yourself:
  • Use the strongest available passwords and verification measures with each account.
  • Use different passwords with each account.
  • Protect your email account(s) because they are the gateway to all of your other accounts.
  • Separate your personal and business email accounts.
  • Disable accounts you don’t use anymore, if possible.
In short, don’t leave places where thieves can access your private information unprotected. XSS Vulnerabilities. Maybe you never heard about ‘cross site scripting’, also know as XSS. It’s been in the news before, but they never explain the potential vulnerabilities you could have on your website. An XSS attack involves a hacker injecting malicious code onto your website. This code might be intended to install viruses on your visitor’s computer. Or it might trick users into entering their login information and send it to the criminals. There are many ways malicious code can be used to harm you. As a general rule, the more input fields and scripts you have running on your website, the more opportunities hackers have to get to you. Try to do the following to minimize the risk:
  • See if your web host has any tools available to scan for XSS vulnerabilities and CLOSE THEM.
  • Turn off the comments section on pages or posts where they are not needed.
  • Keep your website, themes and plug-ins updated as XSS new vulnerabilities come up often.
  • Install a security plug-in like WordFence to ensure the security of your site.
Public Networks and Mobile Attacks. Working from the relative safety of your office or home is fine but when you venture outside, beware of public networks. Public networks are dangerous due to the hackers that can intercept your website and account information on them. The usual tools won’t help you. You need to hide your identity and encrypt your connection by using a Virtual Private Network, which is a service that will connect you to an offsite secure server and keep you safe from hackers. Also, be sure to lock your phone down. Have a screen lock and a plan for if it gets stolen. It has a lot more information on it than you might think. Keep it secure. You can replace a phone more easily than a website. Scams and Social Engineering. Most major data breaches are caused by human error, and hackers are quite happy to capitalize on that. As you monetize your website, you need to stay on the lookout for scammers trying to take advantage of eager website owners. Remember the following:
  • Nothing on the internet is free. Some things are too good to be true.
  • Trust no one. Assume nothing. Scammers are clever at hiding their identities.
  • No matter how good the money might look, don’t ever give up private website info or financial information.
In a nutshell, there are unscrupulous people out there who are looking to take advantage of you.

Be wary. Be vigilant. Be safe.

You are AWESOME! Just look at what you have accomplished so far. You have managed to:

  • Downloaded and installed software tools
  • Chose an awesome, money making Niche
  • Identified high traffic, low competition Primary and Secondary LSI keywords
  • Purchased your own domain name
  • Purchased a Hosting account
  • Setup your own email accounts
  • Installed WordPress and set up the back office
  • Chose an appropriate Theme
  • Installed several critical plug-ins to make it all work
  • created several important Social Media accounts to drive visitors to you site
  • and installed the ability to track your site’s performance.

What can I say? That’s simply outstanding work. Congrats on a job well done.

When you’re ready, come back and we will start to add some all important content to your site.