Before you deck the halls and sing fa-la-la, there’s a critical list you should check, possibly twice. No, not that list. Santa’s got that covered. It’s time for your holiday website safety checkup.
While not as exciting as Santa’s naughty or nice list, your website safety is vital for the busy holiday shopping season. Complete this checklist and rest comfortably, knowing your customers and website are safe for the season.
Why Do a Website Safety Checkup for the Holidays?
Website safety and security should be a concern every day of the year. We recommend taking time in the fall to do a quick checkup on security because the holiday season is the busiest time of year for most online stores. You’ll experience higher sales volumes, heavier web traffic, and, hopefully, register new customers.
Santa’s elves invest a lot of time preparing and practicing for the big night. They don’t just assume that Donner, Blitzen, and company can pull the sleigh. The stakes are too high to fail, so they do practice runs and checkups.
The stakes are too high for your website security to fail during the holidays too.
Goals of a website safety checkup include:
- Minimizing and Preventing Downtime. Any downtime your site experiences can lead to lost sales during the holiday shopping rush. If a customer visits your site and sees an error or, worse, nothing at all, they might not come back. They’ll see if they can get the same or similar item from one of your competitors.
- Protecting Your Customers. Holidays aren’t just the season for giving. Unfortunately, it’s also the season for scamming. Your customers trust you with their personal information. You need to keep it safe.
- Minimize Risks. Website and data security are about more than customer experience and expectations. Data breaches can be incredibly costly to repair and may lead to liability on your part. A safety checkup ensures you’re doing everything possible to minimize the risks to your business.
Holiday Website Safety Checklist
Hopefully, most of your website security is on auto-pilot. Even so, it’s always good to check to make sure things are working the way you need them to. Use this checklist to identify and correct any safety issues with your website before the holidays.
Update All Your Systems
We’ve all been guilty of hitting the “remind me tomorrow” button when prompted to update our computer or phone operating system. But every time you do that, instead of an angel getting their wings, a security expert gets a migraine.
Procrastinating updating your ecommerce systems could have catastrophic effects for your business. Updates include security patches that protect your site from the latest vulnerabilities.
For WooCommerce sites, preparing for the holiday season includes updating your WordPress system, your WooCommerce software, all plugins, and your theme.
Check Your SSL Certificate
An SSL certificate allows you to encrypt sensitive data sent across the internet to prevent unwanted access. Most hosts, including Pressable, include SSL certificates for free. You can’t use secure HTTPS protocols without one. Make sure your certificate is current and configured correctly before the holidays.
Implement Password Best Practices for Customers and Employees
Require customers to choose strong passwords and consider offering two-factor authentication for increased security. The holiday season hopefully leads to an increase in new customers. Check your password settings so that all those new customers make a safe choice when setting up their accounts.
Team members also should be required to pick strong passwords, change them frequently, and use two-factor authentication when available.
Check Role Permissions
Limit the number of people with complete admin access to your website and other software. Do an audit of all your logins to delete unauthorized users and assign appropriate access levels for each user.
Backup Your Site
Regularly backing up your site is an excellent insurance policy against a site crash or security breach. Backups allow you to restore your site and recover your customer data quickly.
At Pressable, not only do we back up your site every night, we also include free access to Jetpack Security for one-click restores and automatic backups.
Use a Security Plugin
WordPress is an incredibly safe content management system. It’s also the most popular CMS in the world, which means it’s a frequent target for hackers. You can thwart the most common types of attacks with a good security plugin. Remember, all Pressable clients get free access to Jetpack Security.
Jetpack Security features include:
- Activity Log. JetPack keeps a detailed log so you can pinpoint what went wrong and fix it.
- Malware Scanning and Removing. Jetpack scans your site for malware and alerts you as soon as it detects something. The plugin also includes one-click fixes for removing malware.
- Spam Protection. Jetpack automatically clears spam from blog comments and website forms.
- Brute Force Attack Protection. Brute force attacks can cripple your site. The last thing you want to happen during the holidays. Jetpack can detect and block attempts from known malicious attackers.
- Downtime Monitoring. Jetpack notifies you as soon as your site goes down so you can fix it quickly.
Deploy a Web Application Firewall
Application attacks are the No. 1 cause of data breaches. To prevent them, you need a strong firewall.
All websites hosted by Pressable include a web application firewall (WAF). The firewall only allows legitimate traffic, like visits from your customers, through and blocks suspicious traffic. Pressable firewall guards your site against application-layer attacks like XSS or cross-site scripting, cross-site forgery, cookie poisoning, file inclusion, and SQL injection.
Great Security Begins With the Best WordPress Hosting Service
Security is a top concern for Pressable. That’s why we offer some of the best security features available for hosting a WordPress site.
Pressable clients get free SSL certificates, free access to JetPack Security, and our advanced Web Application Firewall. We also offer a free hack recovery service. If your site does get attacked, our team can help you set it straight.
Schedule a demo today to learn more about Pressable’s security features.
Jessica serves as the Director of Operations for Pressable and spends her days focused on creating the best managed WordPress hosting experience possible. She's been using WordPress since 2008 and has been serving in WordPress-focused roles since 2010. When she's not working, you can find her spending time with her family, serving in her community, watching hilarious dog videos online, or brewing a pitcher of iced tea.