Web Design, SEO and App Development   |   Call Us Today On 01883 372488   |   Request A Quote

Security

/Security

HTTPS Or Not To HTTPS? That Is The Question

HTTPS are five letters which have been getting a great deal of publicity recently. With online security being more important than ever before, the addition of a HTTPS (Hyper Text Transfer Protocol Secure) certificate to a website will help to secure the connection to the website for your visitors.

Browsers nearly always provide an indication of whether the website your are browsing is secure or not. Just take a look at the address bar in the browser to see what we mean. Is the lock in the top left hand corner locked or unlocked? Does it say secure or not secure? The answer to these questions will tell you whether an HTTPS certificate is in place.

What Is The Value Of HTTPS For The User?

Everyone has the right to visit a legal website without worrying about what will happen to their details should a transaction take place.

Google has identified a number of reasons why the switch to HTTPS is beneficial for web users and webmasters alike. These include the fact that data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:

  1. Encryption. Encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can “listen” to their conversations, track their activities across multiple pages or steal their information.
  2. Data integrity. Data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
  3. Authentication. Proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.

Value of HTTPS for SEO

In 2014, Google announced that HTTPS would being added to their ranking algorithm. Whilst very unlikely to be the difference between a page 10 ranking and a page 1 ranking, building trust with customers is a key part of any SEO campaign and therefore should definitely be considered.

With the majority of browsers making it clear if a website is ‘not secure’, without the inclusion of an HTTPS for your website, you are running the risk of scaring away visitors.

Would like to find out more about making the switch to an HTTPS connection? Give the Footprint Web Design team a call on Tel. No. 01883 372488 today.

Currently Browsing: HTTPS Or Not To HTTPS? That Is The Question

By | November 15th, 2017|Security|Comments Off on HTTPS Or Not To HTTPS? That Is The Question

Has The Importance Of HTTPS Just Increased?

It was reported several months ago that 30% of page-1 Google results in Moz’s 10,000-keyword tracking set were secure (HTTPS) as opposed to standard HTTP. However, as of just a few short weeks ago, this number had increased to 50%

Whilst there are no indications of a big jump, (perhaps highlighting that this is not linked to a major algorithm update, there can be no escaping the fact that these changes are significant.

What Does The Future Hold?

A crystal ball would certainly be handy on occasion but even following a low scale projection, estimates suggest that HTTPS could hit about 65% of page-1 results by the end of 2017. As with all projects, this is just an educated guess but as the image below taken from Moz suggests, the chances are strong.

HTTPS

What Should You Do About Your Website?

It’s very easy to get lost in the quest for SERPS but even if you are not too concerned about your Google rankings, it may still be worth taking a closer look at whether HTTPS may be beneficial for your website.

Whilst Google are currently denying that sites will be rewarded or penalised accordingly for using or not using HTTPS, browser updates such as Chrome warning visitors about non-secure pages can be very off putting to visitors and potential customers.

For any new website we would recommend seriously utilising secure protocols from the outset. The required security certificates are relatively inexpensive and any associated risks are low.

For existing sites though, the choices are tougher. All site wide changes carry an element of risk and therefore this decision should not be taken lightly. If you would like a chat about your website, please give the Footprint Web Design team a call on Tel. No. 01883 372488 today.

To read more about this Moz story, please click here.

Currently Browsing: Has The Importance Of HTTPS Just Increased?
By | August 7th, 2017|Security|Comments Off on Has The Importance Of HTTPS Just Increased?

The Top 3 Ways Your Website Can Be Targeted By Hackers

Trying to stay ahead of hackers can be a very tricky and time-consuming process. However, by getting to grips with some of the most common methods of entry to your website, your online security can significantly improve.

In the article below we will highlight 3 of the most common ways hackers can gain entry to your website.

No. 1 – Compromised Passwords

It will probably come as no surprise to know that attackers use a variety of automated methods of guessing passwords until they get the right one.The Top 3 Ways Your Website Can Be Targeted By Hackers

To help make things as difficult as possible we recommend 2 steps.

  • Ensure you use different passwords for each platform
  • Wherever possible, use a secure password (a password containing random letters, numbers and characters)

You can quickly and easily create secure passwords by clicking here.

It’s absolutely essential to avoid re-using passwords because once hackers have identified a working combination of username and password, they are almost certain to try all other services to see if they can gain access to those as well.

No. 2 – Not Updating Your System

Ensuring that Windows and any software which you may use are updated regularly is extremely important to avoid unnecessary risks

A recent ‘ransomware’ attack used a vulnerability in older versions of Windows to access PC.

It is not possible to overstate how important it is to periodically check for software updates for your site in order to correct any existing vulnerabilities.The Top 3 Ways Your Website Can Be Targeted By Hackers

Please Note – The best course of action is often to set up automatic updates for your software. This will ensure that even if you forget, any updates should automatically be installed without you having to take any further action.

For more on the recent ‘Ransomware’ story, please click here.

No. 3 – Keep All WordPress Themes & Plugins Up To Date

The use of plugins and themes with WordPress offer a fantastic way to increase the usability, functionality and look of your website. However, it must be noted that outdated themes and plugins can be a major source of vulnerabilities on websites

The good news is that through the dashboard of your WordPress website, you should be able to keep all themes and plugins up to date.

These are just a small number of the methods of entry which hackers can use to attack your website but the good news is that it is possible to take steps to beef up the security of your website.

Contact Us

If you would like to put your website in the hands of a company who can help to keep it safe, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: The Top 3 Ways Your Website Can Be Targeted By Hackers

 

By | July 3rd, 2017|Security|Comments Off on The Top 3 Ways Your Website Can Be Targeted By Hackers

How To Guard Against Malware Attacks

Cyber attacks such as Malware and the recently highlighted ‘Ransomware’ attacks are becoming all too common.

To help combat against the constant threat posed by cyber hackers and online criminals we have created a list of tips to help improve your online security.

No. 1 – Be Careful What You Open

The majority of ransomware attacks continue to spread via the use of phishing emails. These e-mails often contain attachments which look like invoices or tax rebates. Opening these attachments will allow the virus to infect your computer.

It’s important that you never open attachments unless you are certain that you know what they contain. Many viruses are spread via attachments that look like invoices and tax rebates so please be ultra cautious.

Top Tip – As strange as this may seem, many fake e-mails, web pages and attachments often include bad spelling (“PayePal” instead of “PayPal” for example). They also have a different look from the standard templates used by reputable companies. These should both act as a red flag.

Looking at the e-mail address that the e-mail as been sent from can often be another tip that something is not right. If you are unsure, forward the e-mail to the company that the e-mail purports to be from and ask them if the e-mail is valid.

No. 2 – Update Windows Regularly

Computer viruses such as Malware and Ransomware rely on exploiting loopholes in outdated software to infect computers. Therefore it is absolutely essential that you ensure all Windows updates are implemented at the earliest possible opportunity.

If you are currently using Windows 10, the operating system should be automatically set to update itself. However, if you are using an older version, the default setting may well be for manual updates.  If you use an older OS, you can find instructions on how to switch on automatic updates here.

No. 3 – Online Chat – What To Be Aware Of

Cybercriminals often use online chats, forums and apps to try and spread Malware. These often take the form of emergency messages.

As a general rule, Microsoft says, ‘Don’t click on a link on a webpage, in an email, or in a chat message unless you absolutely trust the page or sender.

No. 4 – Update Your Browser & Block Pop-Ups

Malware will try to exploit any weakness it can find to infect your computer. Blocking pop-ups and updating your internet browser regularly can significantly reduce the risk of being infected.

Top Tip – Whilst commonly used browsers such as Firefox and Chrome will update themselves automatically, it is still important to restart your browser every so often to make sure any recently installed updates are utilised.

No. 5 – Don’t Download Pirated Versions Music, Games or Films

We’re sure that none of you download illegal versions of anything but just in case you know someone that does, pirate website sites offering free music, games or films are often infested with malware!

Our advice is – don’t do it!

No. 6 – Back Up Your Files

Our final tip is not a preventative measure and is instead a damage limitation exercise.

Should your PC become infected it is essential that you have taken regular back-ups to ensure that the damage is not too severe.

Free online services such Google Drive and Dropbox offer the ideal way of backing up photos and data whereas removable hard drive (which you must not keep plugged into your computer all the time!) allow you to back-up and restore files quickly.

If you are a Windows 10 user, Microsoft has drawn up a guide for how to back up your machine and it can be found here.

Contact Us

If you would like to put your website in the hands of a company who will take it forward, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: How To Guard Against Malware Attacks
By | May 16th, 2017|Security|Comments Off on How To Guard Against Malware Attacks

Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer

In view of last week’s events which highlighted the constant risk posed by hackers and cyber-attacks (http://www.bbc.co.uk/news/health-39899646), we thought that now was a great time to offer a few tips to help guard against this ever-present risk.

However, before we offer our own tips on tightening your online security, we would like to address the specific threat from the ‘Ransomware’ which crippled many systems last Friday and would like to direct anyone who feels the could potentially have been compromised to read the information from United Hosting below.

“We strongly advise our customers to apply the following security update, released by Microsoft on March 14th this year: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396 , if not having done so already.

Overview of risk

Microsoft have announced a vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server today. This service (SMB) is utilised to present shares, printers and more on a Microsoft Domain network.

This vulnerability exposes core Active directory components to Remote Code Execution from unauthenticated attackers. They would be able to execute any code they wished to potentially gain access to the entire network. The patches Microsoft have provided should be tested installed as a matter of urgency.

Specific Security reports of the Common Vulnerabilities and Exposures (CVEs) are below –

Vulnerability titleCVE number
Windows SMB Remote Code Execution VulnerabilityCVE-2017-0143
Windows SMB Remote Code Execution VulnerabilityCVE-2017-0144
Windows SMB Remote Code Execution VulnerabilityCVE-2017-0145
Windows SMB Remote Code Execution VulnerabilityCVE-2017-0146
Windows SMB Remote Code Execution VulnerabilityCVE-2017-0148

The released patches target the SMBv1 service and the way it handles the particular requests that can be used to exploit it.”

How does the virus spread?

One of the key questions regarding this attack is how did it manage to spread so quickly?

There are 3 primary methods of entry for Malware to a computer. These are:

  • Opening attachments or clicking on links in phishing emails
  • Downloading legitimate-looking
  • Visiting a malicious site (particularly if you are using outdated software, browsers etc)

Please Note – If an infected computer is hooked up to a network, the virus can then spread to other connected computers.

Is It Possible To Protect My Computer From The Ransomware Virus?

Many of the users who were affected were still using outdated versions of Windows such as Windows XP which was no longer receiving security updates from Microsoft.

If you are using an older version of Windows, we would recommend upgrading your operating system ASAP.

Microsoft’s current operating system is Windows 10. Two slightly older versions, Windows 8.1 and Windows 7, are also still available.

Am I Safe If I Have a More Recent Version of Windows Installed?

Even if you have a more recent version of Windows on your PC, we strongly recommend downloading all of the most recent updates and security software to increase your ability to guard against these threats.

The security patch that Microsoft released in March, named MS17-010, can be found online.

Windows 10, 8.1 and 8 all include Microsoft’s Windows Defender antivirus software as standard and this can be effective against many types of malware and ransomware. If you are still using Windows 7, downloading Microsoft’s free Windows Security Essentials software can be beneficial.

What to do if your computer is infected?

The National Crime Agency (NCA) encourages victims not to pay any ransom and to contact Action Fraud.

Further information and support can be found on the NCSC website.

They also recommend the following steps:

  • Run Windows Update
  • Make sure your antivirus product is up to date and run a scan – if you don’t have one install one of the free trial versions from a reputable vendor
  • If you have not done so before, this is a good time to think about backing important data up – you can’t be held to ransom if you’ve got the data somewhere else.

Contact Us

If you would like to put your website in the hands of a company who will take it forward, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer
By | May 16th, 2017|Security|Comments Off on Ransomware – Have You Been Attacked & What You Can Do To Protect Your Computer
Top