Keep your e-commerce business safe this Black Friday
November 2, 2021

As online retail is ramping up in preparation for Black Friday & Cyber Monday, so too are the hackers. Most store owners are focusing on increasing sales but do not forget about your website security at this crucial time.

Last year Black Friday weekend sales amounted to a whopping £6 billion in the UK! With numbers so high and the sheer amount of personal data flying around online, it’s an extremely tempting weekend for hackers.

A breach of security during Black Friday weekend will not only effect profit, but also damage a businesses reputation. A recent survey found that 81% of respondents would stop engaging with a business following an online data breach,

So how can you protect your online store? Website vulnerabilities come in all shapes and sizes and can sometimes crop up in unexpected places. It’s crucial you undertake a security audit before the Black Friday weekend. Below are the common vulnerabilities and how you can protect against them.

Out-of-date website software

Website software such as WordPress release security patches often, ensure your website is running on the latest version. You’ll not only be protected against the latest threats, but you’ll receive cool new features and stay ahead of the game.

Themes & Plugins

Ensure your website themes & plugins are supported and up to date. Running themes & plugins on old versions will leave your website vulnerable to attack. If your theme or plugin is abandoned with no updates for over a year, consider a website re-design on a supported platform.

Use 2FA

Many CMS have a default admin login page (For WordPress the is example.com/wp-admin) which means the hackers know about this login page too. Protect your account with 2FA (2 Factor Authentication) to protect against brute force attacks against your admin username and don’t forgot the use strong passwords that are not used anywhere else or easily guessable. We recommend using the WordFence plugin to enable 2FA on your account.

Use a CDN

A CDN (Content Delivery Network) not only speeds up your website by caching copies on various servers around the world, it also helps protect against DDoS attacks as they will take on the attack traffic ensuring they never reach your web hosting server. A CDN can be setup for free at Cloudflare.

Use a firewall

Using a firewall such as WordFence on WordPress will keep untrusted traffic away from your website. A firewall will also protect against commons attacks by blocking their IP when they meet certain criteria such as attempting to login as ‘admin’ or entering too many incorrect password attempts.

Backups

The most important but often overlooked aspect of running a website is taking regular backups and storing these away from the web hosting server. A good web host will include backups as standard but if yours doesn’t, we recommend using Updraft and storing your backup files in AWS, OneDrive or Google Drive.

If you’re performing website updates, ensure you take a backup first so you can revert quickly if you encounter any issues. We’d also recommend testing updates on a staging website first before undertaking on your live environment.

If you’d like to speak to a WordPress expert or would be interested in Blink Web looking after the maintenance for you, call us on 03303 410 910 or visit https://www.blinkweb.co.uk/wordpress-maintenance/

Related Posts

Critical Vulnerability Detected in WooCommerce – Update Now

Critical Vulnerability Detected in WooCommerce – Update Now

On July 13, 2021, a critical vulnerability affecting WooCommerce and the WooCommerce Blocks feature plugin was identified and disclosed via the HackerOne security program. This morning, version 5.5.1 was released as a patch fix to protected WooCommerce Stores. I have...

Keeping your small business secure online

Keeping your small business secure online

It takes years to build up your reputation but just one small cyber-attack can bring this crashing down in just a few minutes. The most common type of attack are Ransomware attacks. Ransomware Attacks Ransomware attacks and user data breaches are the most common...

Urgent Divi Theme Security Update

Urgent Divi Theme Security Update

The developers of the Divi WordPress theme Elegant Themes have released an urgent security patch to fix a recently discovered vulnerability. The Problem A code injection vulnerability was discovered by the Elegant Themes team during a routine code audit that could...