The post WordPress Vs. Wix – Which Website CMS is best for my business? appeared first on Today's Business.

In today’s digital world, information is more prone to hacking than ever before, which creates a serious safety issue. Most websites can be developed and hosted on the Internet without thinking much about safety. Healthcare practices and other establishments in the medical industry, however, must proceed with caution for various safety reasons. In order to protect patients’ records and maintain confidentiality, medical institutions must create websites that are HIPAA compliant.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that provides protection and security for patients’ medical information. The U.S. Department of Health and Human Services enforces this law and sets HIPAA rules and regulations. HIPAA has two rules that must be followed to be compliant with regulations. The first rule, known as the Privacy Rule, pertains to protecting the private health information of a patient. The second rule, known as the Security Rule, encourages data security measures. This rule is particularly important to address when information is stored electronically.

How to Make Your Website HIPAA Compliant

Patients’ confidential information is most likely at risk if medical websites are being hosted with protection that provides basic encryption. In order to avoid violating HIPAA rules, websites must attain a high-level protection. This concern only comes into play when sensitive information is being collected and a third-party is involved in the transaction of data.

One of the ways to encrypt the transmission of data is by ensuring the website is secure. Secure Sockets Layer (SSL) can be used to prevent data leaks. Before entering any personal information onto a medical website, be sure to look at the URL. Websites with an HTTPS:// have an SSL Certificate that encrypts communication between a web browser and a web server. This means that the medical institution is following HIPAA laws.

Another way to ensure HIPAA compliance is by using forms to collect data that provide that extra security and protection. Typical Content Management Systems (CMS) may not have that level of security so it is best to use a third-party form builder that would be HIPAA Compliant. Cognito Forms is one of the best form builders that provide SSL encryption, data encryption as well as a secure hosting environment.

Medical Website Design

Healthcare websites must ensure the safety and protection of its patients is a top priority. As technology is constantly changing and becoming more accessible, it’s becoming increasingly important to have a high-level security system on your medical website.

Here at Today’s Business, we have years of experience in building websites for our clients in the healthcare industry. No matter if you are a private practice or public institution, we can help you achieve a HIPAA compliant website that looks great on desktops, tablets, and mobile devices. We can take over your Content Management System and provide your patients’ data the safety that it requires. Contact us now to find out more!

The post Why Medical Websites Need to be HIPAA Compliant appeared first on Today's Business.

Have Information Prepared

Before you log into your live chat program, make sure that all necessary information is accessible. If you have notes prepared regarding potential questions, you won’t have to spend time looking for the answer! Some things that you may want to include are important contact information, an FAQ with commonly asked questions and even a link to Google Maps just in case someone is asking for directions to your business. You should also have your website up in a separate window so you can answer any questions regarding where to find specific information.

Turn on Notifications

Once you are signed in to your live chat service, go into settings, and turn on notifications. Since you are probably not going to want to stare at your screen for hours, having notifications enabled will allow you to do other tasks while waiting for someone to ask a question. If your notifications include sound, you may want to turn up your volume so that you are sure to be alerted.

Want to leave your computer while still utilizing the live chat? Don’t worry, many services, including SnapEngage, have a mobile app that you can download straight to your phone or tablet. This is beneficial for people that are always on the go and don’t want to stay in their home or office while monitoring their website.

Don’t Wait, Communicate

When you finally get a person utilizing your live chat feature, don’t wait to respond. You want to stop what you are doing (unless there is an emergency), and reply to your customer. If you know that you are going to be doing something that will make it difficult to answer in a timely fashion, such as driving, turn off your live chat or have a co-worker manage it. People will be a lot more understanding if they see that the live chat is closed as opposed to typing a message and not receiving a response.

Inside Tip: You may be able to set up an automated response to initial messages. Creating an automated response such as, “Thank you for chatting! I will be with you in just a moment,” will buy you some time to respond.

Be Polite, Professional, and Understanding

When people use your live chat feature, it’s most likely not because they are bored and want to talk, (I say MOSTLY because you may find one or two people just chatting to test out the feature). The majority of your live chats will be because of an issue or a serious question that needs an immediate response.

When responding to live chats, always remember to be polite, professional and understanding. If someone had a negative experience with your company, apologize and make it apparent that you are here to help. They may be upset or lose their patience; however, if you stay calm and act professionally, you may be able to turn a negative experience into a positive one.

Get Your Customer’s Contact Information

Let’s be honest, you are not going to have every answer at your fingertips. If you need to do further research on a particular topic, get the person’s contact information. You also want to tell the customer that you are going to look into the situation further and that you will contact them as soon as possible.

Important Note: It’s better to get contact information and provide the right information than to guess and give the wrong answer! Being inconsistent makes your business look bad and will anger customers more.

Install a Live Chat on Your Website Today

Remember, every chat is a little different! You may not be able to prepare for every message you may receive; but if you follow these five tips, you can operate a successful live chat feature that your customers will love. Want to learn more about how a brand can benefit from live chats? Take a look at our case study!

The post Best Practices for Utilizing Live Chat on Your Website appeared first on Today's Business.

How SSL Works

SSL works by encrypting a connection between two points of contact: a client (e.g. a web browser) and a server (e.g. tbsmo.com) using symmetric cryptography¹. Each time a new connection is made, a unique key for the encryption is generated during the handshake protocol². That’s what makes SSL so powerful and reliable; because these keys do not exist before connection is made, so even if there was someone waiting to steal or just eavesdrop on your connection they wouldn’t be able to.  An attacker cannot change any info without sounding the alarms. Also, the message authentication code³ integrity checks to prevent alteration of data or prevent undetected loss of data during the connection transmission. I know it doesn’t sound like much, but the amount of algorithm that takes place for just you to connect to Facebook would take you thousands of times longer than our computers!

Does My Website Need SSL Certificate?

You are probably wondering if you need a SSL Certificate for your website, or if it just a waste. SSL is definitely a necessary addition to any website because it offers protection of you and your user’s privacy. If you have a website which requires the user to put in personal information such as credit card information, or if you have a service that requires the users to enter personal information such as bank account or social security numbers, then you ABSOLUTELY need a SSL certificate. You have a responsibility to keep that information secure. If someone ever hacked into your site they could steal all of your user’s personal information which leads to a lack of trust amongst your users and opens up the possibility for legal action against you.

Now I know you might be thinking, “Hey my website does not take any personal information and the most I ask for is phone number or email”. Sure, not much can come from not having SSL coverage for your site, however look it at like this: If you were having a conversation with a friend, nothing private just gossiping  in a public area, and then when you were in mid-conversation a random stranger who neither of you know comes up and stands right next to you and begins to listen to your conversation. The stranger doesn’t talk or have any expression, but is just there –  and even though he/she is not doing or saying anything you can’t help but feel awkward that this stranger is listening to and watching you. Now I know this is an odd thing to think about, but not having SSL on your site is essentially giving permission for others to listen to your conversations and watch your every move within the website; spooky! So to summarize, yes, you should have SSL on your site for that peace of mind for you and your users, but it is recommended/required if you are taking personal information from users.

What SSL Certificate is Best for Me?

SSL Certificates come in many shapes and sizes, but I can give you the right information to help you choose. First things first, there are different companies that sell SSL Certificates such as Symantec Comodo CA or even hosting providers like Go Daddy. Your first step is seeing if you can buy an SSL through your website hosting company (i.e. GoDaddy, Hostgator) and see what they offer. Comodo CA was voted the best when it comes to overall performance . If your host does not provide Comodo CA or no SSL period you can always purchase it and have your host import and install it on your server for your site. There are many prices ranges for SSL and it can be a tad overwhelming, so the best thing to do is think about what you are trying to protect. If you are just protecting information that is not very personal, but want some form of encryption you can purchase a standard SSL for around $50-$90 depending on your host and the SSL manufacture (i.e Symantec or Comodo CA) But, if you want to secure personal information such as credit card information, you want an SSL that gives the Green Lock icon below.

You can ask your host provider for the right SSL for this to happen because companies name it differently and it can be hard to understand which one does what, but I recommend you shop for around for that SSL because some might sell the same SSL Certificate at much lower prices. If you happen to have the cash to spend and want to one-up your competition you can get the highest end of SSL which is EV, which allows a green address bar with company name in the domain name such as this:

This form of SSL certificate is not cheap and is not as simple to get. However, it will show all users coming to your site that your site takes care of security needs, and shows that your company is trusted enough to be approved for the EV SSL which can help persuade a conversion or two from those users who are a little worried about their security and privacy for online shopping.

Sources/Definitions

1. Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link.
2. The process by which two devices initiate communications. Handshaking begins when one device sends a message to another device indicating that it wants to establish a communications channel. The two devices then send several messages back and forth that enable them to agree on a communications protocol.
3. In cryptography, a message authentication code (MAC) is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

Secure Sockets Layer, better known as SSL, is a cryptographic protocol designed to provide communications security over a computer network. SSL is used for web surfing, internet faxing, voice-over-IP and is used by, but not limited to, big time websites such as Facebook, Google and YouTube.

How SSL Works

SSL works by encrypting a connection between two points of contact: a client (e.g. a web browser) and a server (e.g. tbsmo.com) using symmetric cryptography¹. Each time a new connection is made, a unique key for the encryption is generated during the handshake protocol². That’s what makes SSL so powerful and reliable; because these keys do not exist before connection is made, so even if there was someone waiting to steal or just eavesdrop on your connection they wouldn’t be able to.  An attacker cannot change any info without sounding the alarms. Also, the message authentication code³ integrity checks to prevent alteration of data or prevent undetected loss of data during the connection transmission. I know it doesn’t sound like much, but the amount of algorithm that takes place for just you to connect to Facebook would take you thousands of times longer than our computers!

Does My Website Need SSL Certificate?

You are probably wondering if you need a SSL Certificate for your website, or if it just a waste. SSL is definitely a necessary addition to any website because it offers protection of you and your user’s privacy. If you have a website which requires the user to put in personal information such as credit card information, or if you have a service that requires the users to enter personal information such as bank account or social security numbers, then you ABSOLUTELY need a SSL certificate. You have a responsibility to keep that information secure. If someone ever hacked into your site they could steal all of your user’s personal information which leads to a lack of trust amongst your users and opens up the possibility for legal action against you.

Now I know you might be thinking, “Hey my website does not take any personal information and the most I ask for is phone number or email”. Sure, not much can come from not having SSL coverage for your site, however look it at like this: If you were having a conversation with a friend, nothing private just gossiping  in a public area, and then when you were in mid-conversation a random stranger who neither of you know comes up and stands right next to you and begins to listen to your conversation. The stranger doesn’t talk or have any expression, but is just there –  and even though he/she is not doing or saying anything you can’t help but feel awkward that this stranger is listening to and watching you. Now I know this is an odd thing to think about, but not having SSL on your site is essentially giving permission for others to listen to your conversations and watch your every move within the website; spooky! So to summarize, yes, you should have SSL on your site for that peace of mind for you and your users, but it is recommended/required if you are taking personal information from users.

What SSL Certificate is Best for Me?

SSL Certificates come in many shapes and sizes, but I can give you the right information to help you choose. First things first, there are different companies that sell SSL Certificates such as Symantec Comodo CA or even hosting providers like Go Daddy. Your first step is seeing if you can buy an SSL through your website hosting company (i.e. GoDaddy, Hostgator) and see what they offer. Comodo CA was voted the best when it comes to overall performance . If your host does not provide Comodo CA or no SSL period you can always purchase it and have your host import and install it on your server for your site. There are many prices ranges for SSL and it can be a tad overwhelming, so the best thing to do is think about what you are trying to protect. If you are just protecting information that is not very personal, but want some form of encryption you can purchase a standard SSL for around $50-$90 depending on your host and the SSL manufacture (i.e Symantec or Comodo CA) But, if you want to secure personal information such as credit card information, you want an SSL that gives the Green Lock icon below.

You can ask your host provider for the right SSL for this to happen because companies name it differently and it can be hard to understand which one does what, but I recommend you shop for around for that SSL because some might sell the same SSL Certificate at much lower prices. If you happen to have the cash to spend and want to one-up your competition you can get the highest end of SSL which is EV, which allows a green address bar with company name in the domain name such as this:

This form of SSL certificate is not cheap and is not as simple to get. However, it will show all users coming to your site that your site takes care of security needs, and shows that your company is trusted enough to be approved for the EV SSL which can help persuade a conversion or two from those users who are a little worried about their security and privacy for online shopping.

Sources/Definitions

1. Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys. The keys, in practice, represent a shared secret between two or more parties that can be used to maintain a private information link.
2. The process by which two devices initiate communications. Handshaking begins when one device sends a message to another device indicating that it wants to establish a communications channel. The two devices then send several messages back and forth that enable them to agree on a communications protocol.
3. In cryptography, a message authentication code (MAC) is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

The post What is SSL & Do You Need It? appeared first on Today's Business.

Introducing WooCommerce CLI

WooCommerce Command Line Interface (CLI) is a set of command-line tools users can use to manage products, coupons, orders, customers and more for their online store. Even the most inexperienced users can benefit, thanks to its easy-to-use integration method WordPress. If you’re familiar with WooCommerce CLI, it is a much faster way to set up and enhance your online store. If you are interested in learning more about CLI, you can do so by checking out this easy how-to here.

Brand New Session Table

WordPress is built  to not have handling session data capabilities,  but WooCommerce found a solution with its wp-session-manager, enabling people to store user data into a WP options table. While this has worked well in the past, the WP-session-manager has reached a performance dead end, and truthfully doesn’t work well when it comes to cleaning up the data and scalability. Enter the new session handler, which uses custom tables instead of the WordPress options table. These new custom tables allow more data to be stored, and with its power it can handle more without slowing down the performance – not to mention, it is easier to clean up!

Other Cool Improvements

Dashing Dolphin is a big core update, and there are a ton of little edits and tweak – a complete list can be found at the bottom of their changelog. Overall, the online checkout flow was improved, thanks to the incorporation of different options – such as having the terms and conditions box before the place order button. The new update also brought on a convenient password creation alert, which notifies the user if the strength of their password is too weak. They also audited all transients and combined the old session’s table with the new. In addition, query speed should be improved because of the decreased reliance on the WordPress options table.

Template Changes

Because it is a core update, Dashing Dolphin has restructured the template files that are needed to add or change performance and functionality.  Here is the list of template files that have been version-bumped in 2.5:

• Single-product/review.php – Added new action hooks + verified reviewer code
• Single-product/add-to-cart/variable.php – Correctly escape variation data.
• Order/order-details.php – woocommerce_purchase_note_order_statuses filter.
• Order/order-details-item.php – woocommerce_purchase_note_order_statuses filter.
• Loop/add-to-cart.php – Uses supports_ajax_add_to_cart method.
• Global/quantity-input.php – Changed min and max attributes.
• Content-widget-product.php – File was missing version.
• Content-product.php – Action hooks to handle anchor output.
• Content-product_cat.php – Action hooks to handle anchor output.
• Checkout/payment.php – Support for new terms.php template file.
• Checkout/form-pay.php – Support for new terms.php template file.
• Cart/mini-cart.php – URL escaping.
• Cart/cart-shipping.php – Extra filters and some simplification of strings.
• Additionally all email templates have been updated to use a unified order details template (email-order-details.php).

Needless to say, big – and awesome – changes were made in this Dashing Dolphin upgrade. For a full reading of the release, check out WooCommerce’s development blog. There, you will find a full list of changes in regards to every feature, and links to even more info! If you’re new to website design and need to build a website for your store using WooCommerce and WordPress, check out our blog on how to build a site from start to finish!

The post WooCommerce Update 2.5: Dashing Dolphin appeared first on Today's Business.

Via Drupal.com

Drupal

Drupal was released in 2001 and is now used for 2.1% of the websites worldwide. Drupal has many of the normal features that CMS offer such as RSS feeds, taxonomy, page layout customization, and user account registration. The Drupal community contributes 31,000 modules, used to alter and extend the core capabilities, appearance, and even behavior of a site on Drupal CMS. Though it boasts how easy it is to use, if you have no knowledge on working or building a website it will take some time for you to get the grasp because of its high learning curve. Drupal is not very backwards compatible with its themes and software, which means whenever they update their CMS version you will need a new update theme to continue using it on Drupal. This can be a little nerve-racking when you have a business to manage and are trying to manage a website every year or so. Also, because of how Drupal runs its demands, a very high cache which some hosts don’t support or provide could cost you more for that service.

Via Joomla.org

Joomla!

Next we have Joomla, which is a free open-source CMS written in PHP, combined with the techniques of OOP or object-oriented programming. Since its conception in August 2005, Joomla has been downloaded over 50 million times and has almost 8,000 add-ons or extensions to change the appearance and functionality of the website as a whole. It includes features such as page caching, RSS feeds, printable versions of pages, news flashes, blogs, search, and support for language internationalization. Like WordPress and Drupal, Joomla uses themes made by the community; however the community steers away from giving these things for free so if you are planning on using Joomla as your CMS of choice just make sure to know you’re going to have to be ready to pay for it.

Via WordPress.com

WordPress

Saving the best for last we have WordPress, the most utilized CMS in the world. WordPress is used in more than 23% of the top 10 million websites of the world. Mike Little and Matt Mullenweg designed and realized WordPress in May of 2003 and it is now used in over 60 million websites worldwide. What makes WordPress so great is how easy it is to use even for beginners, yet it is more powerful than any other CMS out there. The community develops Plugins, which allows users to extend the features and functionality of their site. They produce themes that allow users to change the look and functionality, just like Joomla, however free themes and plugins that are very widely used are available for download which means they won’t break the bank. WordPress is easy to use right out of the box. It takes no more than 5 minutes to get it up and ready for you to design your site. What’s better is the excellent documentation they have online for people who are beginners to pros looking for a trick or better way to get their site how they want it. It also carries a WYSIWYG editor (what you see is what you get), which can be used if HTML is not your cup of tea. This will allow jQuery or PHP to be used to build out a page or the whole site! Unlike Drupal and Joomla the image management uploading support is integrated in the WordPress CMS instead of as a separate system.

Drupal, Joomla, and WordPress are three of the most used CMS platforms in the world and all make it easier for website design and building. WordPress is by far the most powerful and easiest to use compared to the other two contenders. However, Drupal and Joomla bring in features that can make a website really shine because of their customizability. WordPress is easier to use with its unbeaten online documentation feature, which can answer any and all questions you may have to create the website of your dreams.

If you are building a new website please check and read “How to Protect Your WordPress Site from Hackers”, so that you are prepared to protect your site and users from the dangers of hackers!

The post What Content Management System (CMS) to Choose for Your New Website appeared first on Today's Business.

1. Decide the Type of Website You Need

There are many different kinds of websites, but in my experience they can be broken up into five categories: Informational, Sales, Personal, Service, and Recreation.  Informational websites include wiki sites and reference sites.  Sales websites are self-explanatory; they are trying to sell you something.  They range from everyday items to the eccentric and unusual.  Personal websites are meant just for individual use, things like blogs and live journals.  Service websites consists of elements of both Sales and Informational.  They are usually business sites that both provide information and try to get you to sign up for a service.  These differ from sales sites because it is not a product they are selling but a service.  Recreational websites consists of things like Facebook and YouTube in which the goal is to keep the user on their website entertained.  Once a type is decided upon, we move onto the next step.

2. Register the Domain Name

A domain name is the address of your website on the internet.  It is very important to pick a unique and accurate domain name so that it will be memorable.  Make sure to pick a meaningful name as it can be difficult to change the domain name at a later date.  For an in-depth overview of registering a domain name you can check out TheSiteWizard.

Image via: Websites that Sell

3. Decide on a Website Building Platform

There are several different platforms that can be chosen when building your website.  These include WordPress, Drupal, Joomla, GoDaddy’s website builder and many others.  They range from simple drag and drop interface to full coding.  The platform you choose should be based off of your experience.  If this is your first website you may wish to start with something easy to use such as Squarespace, which has many drag and drop features and is very user friendly.  More advanced coders may wish to try programming their website by code alone with HTML5.

4. Create your Website

Once all of the previous steps have been completed you can begin to start building your website.  At this point there are many things that you need to decide on, such as font, colors, and layout.  Each website is different and you should not be afraid to make something unique.  Keep in mind though that the end goal of a website is to have people visit it, so try to keep things simple if you can.  Also, be sure to check the website of whatever platform you decided on previously and see if they have any instructional videos if you need help.

This step can arguably take you the most time.  There will be moments that what you thought you wanted turns out to be something else and if you are making the website for someone else, expect a long list of edits before the job is done.

5. Test for Errors

Once your website is finished you should then test it for errors.  There are several platforms such as Screaming Frog and Moz that can run scans to find any broken links on your website.  If broken links are found it is a good idea to remove them before the site goes live so that you do not have to write redirects down the line.

It is also a good idea to give the web address to some friends to see how it behaves on different devices.  Things like load time and responsiveness can change depending on the device.

6. Make it live

Your final step should, in theory, be the easiest.  It should simply be a matter of either connecting the website to your domain or disabling the “Website is Under Construction” function that is available in most website builders.  But things can go wrong, your hosting could go down or you could corrupt files if you make a mistake.  First timers should not be afraid to call hosting support or even have them walk you through the process.

So once it is all said and done you will have a completed website of your very own.  Congratulations. Now that it is live, you can get even more in-depth with your website by starting Search Engine Optimization (SEO).  If you want to learn more, check out my other blog How to Get Started with SEO.

The post Building a Website: From Start to Finish appeared first on Today's Business.

The Problem with Being Popular

Via

WordPress is an amazing and current platform to build a website on. In fact, it accounts for 74.6 million websites and is continuing to grow. The disadvantage of this immense popularity is it has become a huge target for hackers and scammers.  When you’re the most popular CMS on the market everyone knows your weaknesses and short comings. Each new set of patch notes acts as a blueprint for hackers to determine new vulnerabilities.

Another case of hacking on a wide spread scale due to immense popularity is Windows XP.  Windows XP came on to the market fourteen years ago and, still to this day, it accounts for 20% of all Windows operating systems in use.  During the height of its popularity it had many security vulnerabilities and was patched weekly. To this day, even though support for the OS has stopped, it is still vulnerable to attacks. I see WordPress following a similar trend with its constant updates and new versions.

The Problem with “wp-login-php”

The inherent problem with using the default login page for WordPress is that everyone will be using that same url slug to login to their website. One great plugin called Stealth Login allows users to create custom URLs for WordPress. You can also activate “Stealth Mode” which will stop users from being able to access wp-login.php. This is not a foolproof solution for protecting your site, but it will stop bots that seek out the wp-login.php file to get into your site and make it more difficult for hackers to find.

Another tactic that can be used on your login page is to limit the number of failed login attempts before blocking a user’s IP. With this data you can block that IP to stop forceful entry before it happens.  NEVER use Admin as a username. This is the first account created by WordPress and first username hackers will attempt when trying to break into a WordPress site.

The last tip that should be used on the WordPress login screen is removing the error message when incorrect values are entered. This will stop hackers from knowing what piece of information is correct and what is wrong.

The Problem with Easy Pa$$words

When most people create passwords, we make something that’s really easy to type, a common pattern, or things that remind us of the word password or the account that we’ve created the password for. Or we think about things that make us happy, and we create our password based on things that make us happy. And while this makes typing and remembering your password simple, it also makes it easy for a hacker to guess your password.

Similar to the login page of your WordPress site, the password you choose is crucial to preventing all types of hacks. Using long (12 characters or more) passwords that are not common words or phrases, special characters, and varying lower and upper case letters will make passwords that are nearly impossible to guess even by a super computer trying an infinite number of combinations of passwords. When sending these passwords over email one best practice I suggest adopting is sending a screenshot image of the password instead of the text. E-mails are not a secure way to send information and by adding it as an attachment or in the body of the email will stop bots from stealing this information.

The Problem with Outdated/Multiple Plug-ins and Themes

Via

Plugins and themes are two features that contribute to the popularity of WordPress. However, if one plugin that is installed on a site has security vulnerabilities, it can act as a back door for malware.  One recent example of this was with the RevSlider plugin. This plugin was pre-installed on many themes and due to its vulnerabilities resulted in over 100,000 sites being hacked. Here are some tips you should use to limit your plugin/theme vulnerability:

• Delete plugins and themes that are not being used. Old plugins that are no longer supported with updates or compatible with the newest version of WordPress are a liability.
• Don’t use a plugin from an unknown or unrated developer. Pay close attention to the plugin developer’s ratings and comments. Anyone can develop a WordPress plugin, and installing one of these that lacks continued developer support will lead to issues in future updates to WordPress.
• Update Every Week! Monthly is not good enough. The more outdated your plugins and themes, the more exposed you are to exploits targeted at these older versions.

The Problem with not Knowing Your Host and Network

In my experience, the two factors that have led to WordPress sites being compromised are lack of knowledge of your network/server and your shared hosting provider. When it comes to your network/server, you need to keep things clean and updated. It is a great idea to regularly run a full malware and anti-virus scan. Keep that software up to date!

Next, you need to check with your shared hosting provider. The hack may have affected multiple sites and not even started with your install. That’s not tremendously important if you still ended up getting hacked, but in those instances it can be a small comfort to know you haven’t been specifically targeted.

And on a practical note, you should be aware of whether or not your host is responsible or a theme/plugin. {Via Elegant Themes} The best advice I can give is to use a managed WordPress set up for all sites. Managed WordPress hosting is a service where all technical aspects of running WordPress are managed by the host. This includes security, speed, WordPress updates, daily backups, website uptime, and scalability.

The post How to Protect Your WordPress Site from Hackers appeared first on Today's Business.