Securing your website
Safe surfing
Having your own website comes with responsibilities. As the website owner, you should be aware of the risks. Find out what measures keep your website secure and your visitors safe – and how best to proceed in the event of an incident.
Your own website – a must
Whether for your sports club, your own company, or your travel blog – a website is a must these days. You can quickly buy or rent a domain and hosting, and with just a few clicks, you can set up an impressive website. But with increasing frequency, criminals exploit insufficiently secured websites to spread malware or abuse them for phishing.
If visitors to your website get infected with malware, it's understandable they'll be angry. The same is true if criminals hijack your email address to send spam. Users also get frustrated if websites are down – such as due to a DDoS or ransomware attack. This frustration usually manifests itself in damage to your reputation, leading to lower business volumes and financial losses. But even criminal charges are possible, as well as deactivation of your website by the authorities.
Domain
The Internet is a giant network of computers. To identify them, each computer is assigned an IP address, which is a series of numbers.
A series of numbers is quite difficult to remember. Domain names were invented to solve this problem. Now if you want to visit a website, you don’t need to enter a long string of numbers. Instead, you can visit it by typing an easy to remember domain name in your browser’s address bar.
Think of it like a mobile phone: you want to call your mother, so you simply click on your contact "Mom" and your phone dials your mother's phone number. Domains are connected to IP addresses in much the same way.
Hosting
A hosting provider makes a server available with a wide range of services, such as processing the data necessary for operating a website.
CMS
A content management system (CMS) is software for providing website content. With a CMS, not only programmers but also ordinary computer users can create and publish web content.
Distributed Denial of Service (DDoS)
DoS Attack is the generic term for attacks on the availability of network services, mostly Internet services, such as Internet access. Web or DNS server.
The most common DoS attacks are:
a) email bombing; Sending a large number of e-mails to a recipient. Objectives of the attack are the recipient, by very long waiting times, or crash his system and the e-mail server, by increased load, or crash the e-mail system).
b) e-mail list bombing; Subscribing to a large number of mailing lists to a foreign e-mail address.
c) Distributed DoS (DDoS); DoS attack, which is performed synchronized by many systems.
In general, poorly protected systems with direct Internet connection and large bandwidth are used for such attacks. Small programs, so-called agents, are implemented on these systems and coordinated from a central point via so-called handlers.
«Your own website comes with responsibility»
How can you secure your website?
You can protect yourself and your website visitors from the risks of a cyberattack and its consequences using relatively simple measures. Hosting services also offer technical protection.
Trustworthy providers
Before you choose a provider, make sure they are reputable. Does the provider offer support? Does their website look professional? Think about what is important to you and compare different providers. As a website operator, you can also work with several different service providers. An offer from a single source is usually more efficient, however – also in terms of security. If you hire a web agency to design your website, it's worth checking what technical measures the agency uses to support your website security.
Passwords
Strong passwords and 2-factor authentication protect your website against access by cybercriminals. It is especially important to protect admin access to your CMS and other accounts.
Updates
Timely and regular updates of both your computer and the chosen CMS help to keep your website secure. Also don't forget to update any extensions or plug-ins installed in your CMS.
HTTPS – secure connection
As an internet user, you're probably familiar with the small padlock in the address bar of your browser. This symbol is always displayed if data transfer with the website is via an encrypted HTTPS (Hypertext Transfer Protocol Secure) connection. Always enable HTTPS on your website to protect it from eavesdropping.
Backup
To restore data lost or damaged in the event of an incident, you need a backup that is as recent as possible. This is why it's important to regularly back up your website and any associated database.
Is your website infected? Don't panic.
What should you do in the event of damage?
If you fall victim to a damaging event, you must react quickly, get help and possibly shut down the website.
More information is available here www.saferinternet.ch
What should you do if you suspect something?
If you suspect anything, scan the website and take the warning seriously.
More information is available here www.saferinternet.ch
