In another article, we discussed why NOW is the perfect time to start your online business or invest heavily in expanding your online presence, regardless of the fact that we’re going through an economic crisis and pandemic. I’ll let that article stand on its own. Now, we’re going to take about one of the next (and possibly most crucial) steps in taking your business online: protecting your website.
More consumers are resorting to buying online rather than going to a brick and mortar retail store. Unfortunately, this means there’s more motivation for unscrupulous characters to come along and try to hack your website. Many hackers will steal your customer data and sell it to individuals who will commit credit card fraud. Others will remove your ability to access your website’s backend until you pay a high ransom.
Another concern is the growing interest world governments have taken in protecting consumer data and privacy rights. While this is a good thing for everyone, it also means that you’ll need to take extra precautions to ensure you’re operating within these new rules. For example, in May of 2018, the European Union enacted the GDPR (General Data Protection Regulation), which drastically changed the way online companies conducted business. Running afoul of the GDPR means having massive fines imposed on your company. Facebook was slapped with a $628,000 fine for breaching the GDPR, among other companies. Brazil is following suit with the LGDR (General Data Protection Law), which they began enforcing in February 2020.Needless to say, if you’re not thinking about customer / user data, you SHOULD, lest you end up at the mercy of the court. That being said, there are steps you can take TODAY to protect yourself.
First, become familiar with the GDPR, LGDR and the privacy laws of other countries you may operate in (and if you ship worldwide, that’d be everywhere). Luckily, many of these new privacy laws overlap, so in many cases, once you become compliant with one, you’re either compliant with another or close to being compliant.Second, find a good WordPress backup plugin. If you’re not using WordPress, you should consider switching, since it’s so easy-to-use and there’s tons of support available. Not to mention, there’s no shortage of choices in regards to plugins and addons.
Our Recommendation — Total Upkeep: A Powerful, Focused WordPress Backup Plugin
We recommend Total Upkeep, our full-featured WordPress Backup Plugin and website management suite. Total Upkeep comes with automated remote backups to Google Drive, Amazon S3 and DreamObjects by Dreamhost, tools to restore your site even if your WordPress installation is corrupt, the ability to automatically rollback failed updates and more.
Why does this matter? Well, earlier, we mentioned that some hackers will disrupt your access to your site until you pay a ransom. Even if you aren’t intentionally targeted, there’s still the threat of malware infecting and crashing your website. Total Upkeep can protect you from this. By having a clean, reliable backup archive, in the event that this happens to you, Total Upkeep can help you restore your website lightning fast, allowing you to contact your customers about potential privacy issues. Even in the event that you can’t access your hacked site through the web interface, you can use the included restoration script from the command line to restore a backup from outside of WordPress. Learn more about Total Upkeep here.
Using a WordPress Caching Plugin to Help Prevent Attacks From OccurringThird, you’ll need something that can help prevent hacks in the first place. Using a caching plugin with CDN support will not only lower your website’s loading speed, it’ll also give you access to the CDN’s web application firewall (WAF) functionality.
W3 Total Cache, our WordPress Caching Plugin, is fully compatible with StackPath, a CDN provider with WAF services. According to their website, “StackPath WAF protects your websites, applications, APIs, and more from the Internet’s worst vulnerabilities, threats, and attacks. StackPath WAF is designed to require zero-touch configuration, and to continue getting smarter as it is used. Traffic is constantly analyzed to profile behavior, detect inconsistencies, and determine reputation, leveraging advanced intelligence algorithms and expert security analysts. Every attack makes our WAF smarter and even more secure from emerging threats.”
This means it’s exceptionally easy to configure, and when used in conjunction with W3 Total Cache, you’re improving your website’s user experience AND hardening its security against threats. You can learn more about W3 Total Cache and download the free community version here.
In conclusion, I know this article can sound a bit scary and may actually turn some off from pursuing their online business ambitions, but the benefits definitely outweigh the risks as long as you take certain precautions to protect yourself and your customers. Both Total Upkeep and W3 Total Cache + StackPath are easy to configure and there are a ton of guides / information on how to properly achieve your website security and privacy goals.
Also, feel free to visit our official user forum and ask questions about Total Upkeep, W3 Total Cache, using them to protect your site, and more.