about us

simplewebhosting.co.uk blog simplewebhosting.co.uk blog


Archive for the ‘hints and tips’ Category

Secure your WordPress installation

Tuesday, April 21st, 2015

We’ve recently been plagued with a number of hacking and spamming events caused by WordPress installations. Or, more accurately, out-of-date WordPress installations.

As great a piece of software as WordPress is, if it’s not kept up-to-date with the latest releases and security patches then it becomes a magnet for even the most amateur hacker. Scripts such as xmlrpc.php can be easily manipulated to send out large amounts of spam. You may not think this is an issue for you personally but if just one of those spam messages hits a spam trap, then the server’s IP address is blacklisted and other users will find they’re unable to send mail.

We’re not having a go at WordPress here. It’s a great piece of software and there’s a reason it’s the world’s most popular blogging platform, however you cannot simply install it and forget about it. It MUST be kept up-to-date. This issue is not restricted to WordPress of course – it affects any PHP software running on your server – WordPress is just more of a target due to the volume of installations out there.

There are many tools freely available that can ‘lock-down’ your WordPress installation – one we’ve played with ourselves is:

https://wordpress.org/plugins/better-wp-security/

It’s a WordPress plugin that’s available free, very easy to install and provides a run-down of the things you should do once you’ve installed WordPress (such as disabling the dreaded xmlrpc.php!)

There are server wide settings we can employ that will help stop some of these attacks however they also restrict genuine functionality which then causes more issues.

Are you using WordPress to power your blog?

Wednesday, March 4th, 2015

WordPress is the most popular blogging software available powering more than 60 million websites. This of course means it’s open to the most abuse.

We’re finding more and more attacks on our servers are caused by exploits in the WordPress software – not through any fault of WordPress itself but the fault of end users who are not applying the numerous patches and security releases that WordPress distribute each year.

It’s essential that if you have WordPress installed on your hosting account that you keep it up-to-date constantly; the software can even do it itself if you configure it that way! Let me say that again. You must always keep up to date with the latest version of WordPress.

There are also a variety of security plugins available to help ‘harden’ your WordPress installation and we’d recommend these too.

Is YOUR password secure?

Sunday, December 8th, 2013

passwordscloud

Passwords are an everyday part of our lives and are essential in protecting our most sensitive data; including our web data. But how secure is your password? At simplewebhosting.co.uk we regularly see examples of poor password choice and find it’s a constant battle to educate users in the importance of choosing a strong password.

Mark Burnett (xato.net) has used lists of leaked passwords to compile a master list of the 10,000 worst passwords; an astonishing 91% of all passwords used appear in the top 1000. Click on the wordcloud above – if you can see your password then you should change it now!

Here are some startling facts gleaned from Mark’s data:

  • 4.7% of users have the password password;
  • 8.5% have the passwords password or 123456;
  • 9.8% have the passwords password, 123456 or 12345678;
  • 14% have a password from the top 10 passwords
  • 40% have a password from the top 100 passwords
  • 79% have a password from the top 500 passwords
  • 91% have a password from the top 1000 passwords

So is it time to change your password? The answer is almost certainly yes!

We’ve recently introduced stronger password strength requirements meaning that no longer will you be able to pick cPanel or mailbox passwords that are insecure. We know that this will be a nuisance to some customers but we believe it to be an essential nuisance.

Did You Know … we’re open 24 hours a day?

Thursday, August 12th, 2010

In fact, we believe we’re the only UK web hosting company providing all its customers 24/7 freephone telephone support.

So whether you need web hosting support at 3am or have a sales question at 3pm – you can call us free any time of the day, and day of the year.

The Importance of SSL

Sunday, June 13th, 2010

SSL, or Secure Sockets Layer, encryption is the most commonly used method of encrypting web pages. It ensures that any personal data or often payment details entered into a website is safe from being accessed by unauthorised parties. Thus, it is very useful for any website that sells products to people through an online payment system (see our article on ecommerce) to have SSL encryption.

Websites that are encrypted using SSL can be identified in several ways. Firstly, the prefix of their web address is usually “https://”, signifying that they operate over a secure server. Also, the website can be identified as secure by the fact that there is a padlock symbol in your browser’s status bar. If neither of these signs is present, then the website is insecure and it is not advisable to put sensitive personal information into that website as it may be possible that an unauthorised third party could obtain access to the data.

Protecting your website using SSL encryption is definitely a practice that we recommend to all webmasters who regularly ask their visitors to input sensitive information. Of course, the most obvious benefit to you as a webmaster is that it ensures that all of the data that your customers enter is safe, secure and inaccessible to anyone other than those who are authorised to have access to it.

Encrypting your webpages in this way ensures that you, as a webmaster, have peace of mind and know that the data provided by your customers is secure and protected against unauthorised access.

As well as the peace of mind for you, the fact that there are visible signs of how secure your website is means that customers will feel more comfortable. If they can visibly tell that your website has a layer of security protecting it, then they will be far more likely to input their details and thus they will be more likely to buy products from you online.

This in turn means that you will earn more money and sell more products, which is exactly what any online business wants. SSL encryption for your website will definitely pay for itself after a very short time indeed, making it a worthwhile investment for the security-minded webmaster.

Reputation is another aspect of your web presence than can be improved by adding SSL encryption. If your website asks people to enter payment details, then it cannot be reputable unless it is secure. A website that is clearly secure will instantly have a better reputation than one which appears to be  wide open for cybercriminals.

So to conclude, in this security conscience online age, SSL encryption is something that is definitely worth the investment for your website. Without the padlock symbol, potential customers will not have enough confidence to input their sensitive personal information into your website and thus they cannot purchase any of your products. However, the addition of encryption quickly puts their minds at rest and soon your SSL encrypted website will have the customers flying in.

about us
top

blog blog

 
top

blog categories blog categories

 
top

blog archives blog archives

 
top

blog categories popular blogs

 

 
10 reasons 10 reasons to choose simplewebhosting.co.uk