Website Security
Website Security and Maintenance Checklist
Run a Security Scan
We use the **Sucuri SiteCheck Scanner** to check your website for:
- Malware
- Viruses
- Blacklisting status
- Website errors
- Outdated software
- Malicious code
Reviewing Site Settings
We review the settings in the WordPress dashboard for potential vulnerabilities. To guard against code injection, the following areas must be secured:
Contact Form
Contact forms are a common entry point for user input. Malicious code can be injected through these fields. All input fields must be validated to ensure security.
CAPTCHA for Forms
Forms (e.g., contact forms) that accept user input and submit data to the server should include CAPTCHA validation to prevent automated programs from submitting forms multiple times, which could cause performance issues.
Comments Settings
Public comment sections on blog posts should be reviewed and filtered for spam content before being published to prevent malicious or inappropriate content.
Verify User Accounts and Permissions
Organizing user roles and permissions is essential to manage website access. We:
- Define necessary roles for all website users.
- Assign permissions to specific pages to ensure secure access control.
We conduct regular checks on the versions of software, plugins, and themes used. Any outdated or end-of-life components will be updated immediately to mitigate the risk of attacks.
All our website plans include a **free SSL certificate** for one year. However, SSL certificates must be renewed before they expire to prevent malicious activity through your website URL. Think Web Solutions monitors these renewals as part of our maintenance plan to ensure timely certificate renewal.
Assess Website Traffic
Website traffic can cause downtime during peak periods. We monitor heavily used websites using **Google Analytics** and take the following actions:
Perform Security Audit via Tools
We use online tools like **Acunetix**, a popular tool for web application security audits, to assess your website. A security audit provides insights into: