Published on: October 10, 2022
SafetyDetectives spoke with Cameron Ashley co-founder of Ashbi Creative Studios. We discussed tips and strategies for businesses on how to secure their website and protect it from hackers, and what to do if your site gets hacked.
Hi Cameron, Can you tell me a little bit about your professional background? How long have you been at Ashbi Creative Studios?
I’ve worked professionally in the IT industry for 10 years at the University of Toronto and now am the head operations director at my own start-up company, Ashbi Creative Studio. Along with my partner, we provide content marketing and design services to companies looking to use new digital marketing tactics by sharing engaging and informative content with their customer base.
My partner and I started the company in August 2021.
What kind of design work does Ashbi Creative offer, are the clients mostly businesses or individuals?
We offer a number of design and marketing services for our clientele. Most businesses we work with make use of all our Branding, Graphic, and Web Design services. After we complete the design work, we start marketing by way of email, content, social media, and search engine marketing, along with paid advertising campaigns.
As a web developer, what are some of the tools you use to secure the website and ensure user privacy?
As a web developer, I use WordPress because of the extra security controls that ensure the security of my website and ensure user privacy. Some of these include:
- Cloudflare’s free service allows me to monitor websites for malicious activity, as well as protect against DDoS attacks and other forms of online threats. Honeypot techniques catch bots and other hackers by baiting them into website inputs that are visible to bots but not to real humans. Once these bots trigger the honeypot, the software will know it’s not a real human.
- Recaptcha3 anti-bot system prevents bots from accessing sensitive information or the website’s database. Real human visitors are free to use the site without friction, while bots will be stopped.
- I ensure all automatic updates are ON, including WordPress, plugins, and themes, so that hackers cannot exploit any vulnerabilities in outdated versions, which could lead them to gain unauthorized access to the website.
- It’s important to find a website host that provides extra WordPress security. These tools can disable parts of WordPress that are not needed or can be disabled most of the time. This minimizes the risk of being hacked while using WordPress.
What are the main types of cyberattacks that focus on small and medium-sized business websites?
The main types of cyberattacks that focus on small and medium-sized business websites are brute-force attacks, SQL injection attacks, and ransomware.
Brute-force attacks are when hackers try every possible combination of letters and numbers to break into a website’s password.SQL injection attacks are when malicious code is injected into a website’s database to gain access to sensitive information.
Ransomware is malware that encrypts all of your files and then holds them hostage until you pay the hacker a ransom fee.
Do you have any tips or strategies for businesses to protect their websites from hackers?
The best way to protect your website from hackers is to make sure that the site is running on the latest version of the software, which will have the latest security updates. If you’re using a platform like WordPress, this means keeping track of what version it’s running and updating it whenever there’s an update available.
The other way to protect your website from hackers is with Cloudflare. It works by acting as a proxy for your website, so if someone tries to hack into your site, Cloudflare will block them before they can get through.
You should also be sure to run regular tests on your website, including penetration testing and vulnerability scanning. These tests will show you if there are any vulnerabilities in your site’s code that could allow hackers access to sensitive information or other attacks.
Always keep offsite daily backups of your website. If anything goes wrong, you can deploy the full site to a new server.
If a website is hacked, what is the best way to regain control of the site?
If your website is hacked, the best way to regain control of it is to have a full backup of your site always ready to deploy to a new server. You can do this by keeping your passwords different on your website, domain provider, and hosting.
If your server is held hostage, you can notify your hosting, get a new server and deploy the website. If you keep your domain provider and hosting separate from your website, you can simply log in to your unaffected domain provider and point the DNS to the new server that is in your control.