7 Tips to Protect Your Website from Hackers
Legacy signals
Archived popularity: 1,316 legacy viewsImported historical SelfGrowth signal; not blended with current reader activity.
Archived rating: 3/5 from 2 legacy votesImported historical vote signal; separate from signed-in SelfGrowth ratings.
Reader rating
Not enough ratings yet
Aggregate average appears after enough eligible reader ratings.
Rate this resource
Sign in to rate this resource.
We have all heard in the headlines about major companies like Chase, Target, and Home Depot having data breaches with Ashley Madison being one of the latest high-profile victims.
The threat to small businesses on experiencing attacks by hackers is very real and not something to ignore. In fact, according to a 2013 survey by the National Small Business Association over 44% of small businesses have had their systems hacked.
The threat is real of having your website hacked. Be prepared and pro-active to minimalize risk
The Dangers of Not Protecting your Systems
It’s easy for a small business owner and entrepreneurs to say “Oh it won’t happen to me.” Or because they are too busy with the day-to-day operations of the business not to make website security a top priority.
But the dangers of doing nothing are alarming. Hackers can:
Break into your database and steal customer information.
Deface your website and put inappropriate pictures or text on it.
Submit malicious code through forms to deliver viruses and other harmful code to visitors who enter your site.
Log into your email server to send spam through your server.
As a business owner, it’s important to understand these dangers and know what needs to be in place in order to minimalize your risk of being compromised.
How To Protect You And Your Website from Hackers
1. Keep your Website Platforms and Scripts Updated. If you use a CMS (Content Management System) such as WordPress, Drupal, or Joomla etc., it’s important to install updates as they become available.
The makers of these platforms often find and fix security holes that will leave your website vulnerable to attack.
Wordpress is especially vulnerable due to the extent of its popularity.
Same applies for shopping cart systems or plugins and scripts that facilitate extra functionality on your site.
2. Be Careful with User Uploads. While allowing users to upload an avatar, picture, or other file to a website or form can add interactivity, it also allows a way for malicious scripts to be uploaded to your server.
Ensure security measures are in place that check submitted items from users to check if they are safe before uploading them to your website server.
3. Protect Your Web Forms. It is possible for hackers to fill out a contact form and place malicious code into the name or email fields.
Having a tech person review your website can protect you from leaving this opportunity open to hackers.
4. Set Up Strong Passwords. While many people are learning the importance of strong passwords, some still leave their use
ames at ‘admin’ or set simple passwords like ‘password123’ or use the same password for every online account they have.
Passwords like first names, pet names, and simple words are easy to guess. There are algorithms hackers can use to easily figure out your user ID and/or password when either are very simple.
Adding numbers, symbols, and capital letters to a password makes it harder to expose. Plus, many password management programs can help you generate a random hard-to-guess password.
This may seem inconvenient to have to memorize a more complex password but doing this to avoid being hacked is very much worth the effort.
5. Lock Down Your Directory and File Permissions. It’s important to have someone with technical expertise review your hosting server directories to make sure the read, write, and execute permissions are set in a way that allows for maximum security.
Look at folders, directories and individual files to review their settings to ensure your website is as secure as possible from harmful attacks.
6. Set Up A Generic Website Error Page. If you have a portion of your website where users need to log in with a use
ame and password, be careful what information you share on the error page.
For instance if someone is trying to log in and gives the wrong use
ame, it’s better to have a generic error message that says “wrong use
ame and password combination”. This way, you’re not providing would-be hackers any clues to guessing the login credentials.
Having the ability to lock a user from trying to log in after too many failed attempts can protect your website as well.
7. Use A SSL Certificate. If your website has a shopping cart system, a membership component, or collects sensitive personal data via online forms, it’s always wise to get a SSL certificate installed.
A SSL (Secure Sockets Layer) certificate will protect the data that is being submitted into your website by encrypting it as it travels from the web browser to your web server, making it much harder for hackers to intercept and malign.
Not only does an SSL protect your data but it also invokes a sense of security for your customers when they go to purchase. You will probably lose sales if you don’t have an SSL installed.
Additionally, Google gives a small SEO ranking benefit to websites with SSLs installed.
Make a Point to Review Your Website Security Today
If you feel uncomfortable doing a security review yourself, hire a “techie” to do it for you.
Plus, when you are hiring a web developer, making sure that they are aware of security issues and take a proactive approach to protecting you and giving your update the regular security updates it needs can keep your business website safe.
Has your website ever been hacked?
To your success,
Susan Friesen
Article author
About the Author
Susan Friesen is the founder of eVision Media, a boutique web development and Digital Marketing firm of over 15 years that specializes in designing, building and marketing professional, unique websites for entrepreneurs, businesses and organizations.
Visit www.ultimatewebsiteguide.ca and grab your FREE "Ultimate Guide to Improving Your Website's Profitability - 10 Critical Questions You Must Ask to Get Maximum Results".
Further reading
Further Reading
Article
Beyond the hype: Why AI projects fail and how to succeed
Artificial intelligence continues to dominate business conversations, but enthusiasm alone does not guarantee results. While many companies rush to adopt AI in hopes of gaining a competitive edge, a large number of initiatives still fall short. The problem is rarely the technology itself. More often, failure happens because organizations approach AI without the structure, readiness, and discipline required for long-term success. AI projects do not fail because the technology
March 4, 2026
Article
AI Avatar Development: Pros, Cons & Industry Use
AI Avatar Development: Real Innovation or Just Hype? In todayâs hyperconnected world, attention is currency. To stand out, brands can no longer settle for flashy features or surface-level engagement. They need to build meaningful, scalable, and personalized experiences. Enter AI avatars: digital humans that are revolutionizing communication by bringing lifelike presence to virtual interactions. Imagine a team member who never takes a coffee break, speaks ten languages fluen
February 27, 2026
Article
Beyond the Script: How Call Centers Keep Telecom Networks Running and Customers Happy
The Quiet Engine Behind Every Connection Most people think of telecom services as towers, signals, and mobile data moving invisibly through the air. Yet behind every call that connects and every message that reaches its destination, there is another system quietly working in the background. That system is the call center. While customers often interact with telecom companies only when something goes wrong, these centers operate constantly, guiding problems toward solutions an
February 23, 2026
Article
Why Lead Generation Alone Is Failing Solar Companies Without Appointment Expertise
Introduction The solar industry once believed that collecting as many leads as possible was the fastest path to growth. Marketing teams focused on filling databases with names, phone numbers, and email addresses. At first, the numbers looked promising. Dashboards showed rising interest and more inquiries than ever before. Yet behind the scenes, many companies began to notice a quiet problem. Revenue growth did not match the flood of leads. Sales teams felt overwhelmed, conver
February 6, 2026