Skip to main content

Website Security 101

Welcome to Part 1 of our Website Security 101 tutorials. These short tutorials are aimed at answering the what, where, how and why questions to implementing and maintaining stronger website security.

In our examples we may illustrate or discuss specific instructions based on WordPress or cPanel. The majority of what we will learn can be applied to any website.

They are design to be short sharp helpful guides to give you enough information to get the ball rolling.

Lets get started!

Website Backups

The very first thing you need to do today is a complete site wide backup. Before implementing or updating anything you need to start with a complete working backup of your website. This includes not only your websites files but also any databases your website is using or referring too.

FTP

Start by creating a folder on your computer and give it a meaningful name such as ‘Website Backup – 2.6.2017’

Open your favourite FTP Client and connect to your website using the FTP details your website hosting provider gave you. Your web designer may have these details handy or simply contact your website host and ask to have the details emailed to you.

Once you have connected you will see a folder structure much like you do when you navigate file explorer on your own computer.

  • On the left hand side (you local computer) navigate to the newly created folder ‘Website Backup – 2.6.2017’.
  • On the right hand side look for the folder called ‘public_html’.
  • Drag and drop the contents of ‘public_html’ on the right hand side to ‘Website Backup – 2.6.2017’ on the left hand side.

website security - ftp backup

This process may take some time depending on the size of your website. But what should be happening at this point is that you are downloading a copy of all of the files of your website to your computer.

Databases

Because our website is built on WordPress we will also need a backup copy of our SQL Database. To do this, we need to log into our cPanel, again you should be able to obtain these details from your website hosting company or web designer.

  • Once logged in, launch ‘phpMyAdmin’.
  • On the left select your websites database.
  • On the right click on the ‘Export’ link.
  • Click the ‘Go’ button and choose a safe place to save the file.

website security - phpmyadmin database export

Now you have your complete website backup, we can now begin to implement stronger security on your website.

Updating WordPress

New updates are released for a number of reasons. There have been several Security Patches this year alone, so we need to ensure that WordPress is up to date to prevent potential attackers from accessing or hacking your website.

  • Log into your WordPress Admin Console (typically www.yourwebsite.com/wp-admin).
  • Navigate to ‘Dashboard’ – ‘Updates’.
  • First update all available plugins and themes.
  • Once all available updates are installed, click ‘Update Now’.

website security - wordpress updates

If everything went to plan, we will see this message below indicating everything is up to date and future security updates will be applied automatically.

website security - wordpress is up to date

Summary of Website Security 101 – Part 1

In this first tutorial we took the first real steps towards ensuring we have a complete backup of our website. We have exported a copy of our SQL Database and finally we have updated our WordPress website to include all of the latest security patches and bug fixes.

 

 

Corey Masters

Author Corey Masters

More posts by Corey Masters