Secure Your Website: Course Video Sections & Resources

Intro

Website Security Course Outline

Course Outline:

This course is split into 2 parts.

 

Part 1 is for understanding and setting up a baseline security for your website. 

This includes:

  • Secure hosting
  • Selecting the right plugins
  • Obtaining and configuring an SSL certificate for your website
  • Scheduling automatic backups 
  • And some best practices along the way

Part 2 is more advanced tactics and involves automating tasks and getting into some of the code of the website.

Don’t worry! 


Even if this is your first website, you will be able to follow along and secure your site. If you have any questions don’t hesitate to reach out!

 

Secure Hosting:

Cloudways Managed Hosting: https://www.cloudways.com/en/?id=158602

Use Code: SOULFULDESIGN at checkout for another 20% off for 2 months

Plugin Security:

Use this link for a quick plugin checklist: https://docs.google.com/spreadsheets/d/1waN4TafIuc3lJNDtX_yPzQzHF74EQxKlHeYTbZEBcnk/edit?usp=sharing

Intro To SSL Certificates:

Reasons to use an SSL Certificate for your website:

  1. If you are accepting payment or any potentially personal information from your users it will be a great idea to have.
  2. If you expect a lot of traffic or want to increase your SEO an SSL certificate is a good idea.
  3. Google is starting to show scary warning messages that could keep
  4. Your visitors from going to your website making it generally a good idea

There are 2 routes I’m going to show you for installing an SSL Certificate:

  1. The first is called LetsEncrypt and is LESS SECURE.
  2. If you expect to collect personal info or payments you should purchase an SSL and that is in the Purchasing and installing an SSl certificate section.

Note: If you purchase a certificate make sure its from a trusted “Certificate Authority”

Installing a LetsEncrypt SSL Certificate:

Link to their website for more info: https://letsencrypt.org/

LetsEncrypt Docs: https://letsencrypt.org/docs/

If you need to watch my first course to learn DNS basics 

here it is for FREE: https://skl.sh/2NH4CeE

Purchasing & Installing an SSL Certificate:

Where I get my SSL Certs: https://www.gogetssl.com/

Generate a CSR here: https://www.gogetssl.com/online-csr-generator/

Decode a CSR here: https://www.gogetssl.com/online-csr-decoder/

Check your SSL Certs here: https://www.gogetssl.com/check-ssl-installation/

Quick Note:

  • In the .crt or .cer file you will see the public certificate
  • In the .ca or .ca-bundle file you will find the certificate chain

Creating Admin Accounts & Password Best Practices:

Key Points:

  • don’t use Admin or any variation of admin for your admin username
  • Always use a long and good password
  • Make sure the username and password are kept somewhere safe

 Automated Website Backups:

Backups Plugin: https://updraftplus.com/

WordPress Plugins Page for backups plugin: https://wordpress.org/plugins/updraftplus/

Download button for plugin file:  https://downloads.wordpress.org/plugin/updraftplus.1.16.20.zip

Key Points:

  • Don’t leave it to yourself to perform backups, setup automatic backups with the plugin 
  • Make sure the backups are retained long enough for you to check every now and then so your backups don’t get overwritten
  • Always try to have backups performed somewhere offsite in case your server crashes like Dropbox

Pre-Enroll Below