The safety of your church website is paramount to building a good reputation with visitors and search engines. Safety and security are often overlooked parts of website maintenance, especially for smaller sites.
The problem is, hackers don’t care about the size of your site. They love stealing resources, lifting user data and using sites to pass on malware to unsuspecting visitors.
All it takes is a little regular maintenance to protect your church community and potential new members. Besides, no one wants to deal with the cleanup after a site’s been hacked.
No matter what else you do for your church website, always have recent backups. Should the worst happen or a site upgrade go wrong, a backup can save you hours and even days. With a current backup, it only takes a few hours to ensure the backup doesn’t have any of the security flaws of the original (if it was a hack) and get your site back online. Worst case scenario, you may lose a few recent blog post comments or your latest blog post.
2. Install SSL Certificates
SSL certificates are an often overlooked safety measure, but they encrypt the data being transferred on your site. For instance, if you require anyone to log in, without an SSL certificate, that data could be intercepted by hackers and used to easily get into your website. Even if you don’t have any logins, SSL certificates are still helpful. Having that HTTPS in your URL not only makes your site safer, but it can also give you a small search engine rank boost.
3. Keep Your Site Updated
Many church websites run on WordPress, which is a great CMS. The platform even has security features built-in to help ensure the safety of your church website. However, WordPress releases security and core updates regularly. If you don’t install them, your site could be at risk. While you may face some compatibility issues with themes and plugins, it’s still worth updating for optimal safety.
4. Require Strong Passwords
Are you still using the default username and password for your administrator login? Hackers rely on users to have simple or default passwords. This makes it easy for them to get in without even having to hack anything. Millions of users still use 123456 as their password. To improve the safety of your church website, require stronger passwords. For best results, use a random password generator, but to create one yourself, do the following:
- Create passwords from a sentence, using the first letter of each word, along with a symbol and a number
- Use at least one number and one symbol
- Use eight characters or more (more characters is harder to crack)
- Never use any personal information, such as birthdays
- Use a different password, or at least a variant, on every site
You probably have anti-virus installed on your church’s computers to give them safer. Websites need the same type of protection. Your web host may already have security software, such as anti-virus and a firewall. If you’re using WordPress, you can also use security plugins that constantly scan for threats and further secure your site from hackers.
6. Always Update Plugins & Themes
According to Sucuri’s Website Hacked Trend 2016 Report, the main cause of WordPress hacks is outdated and insecure plugins. Just like WordPress itself, you should always keep any plugins and themes you’re using updated. If you notice that they haven’t been updated in a while or they’re not compatible with the newest version of WordPress, it may be time to consider changing to a new theme and plugins. Also, uninstall any plugins and themes you don’t need. As long as they’re installed, they still represent potential vulnerabilities in your site.
Place Safety First
The safety of your church website shouldn’t be taken lightly. All it takes is a single hack to ruin all your hard work. Remember, you’re not just keeping the website safe – you’re keeping all your church website visitors safe as well.
Have questions about creating a more secure website for your church? Contact us today to see how we can help.