7 Ways to Increase Website Security, Without Sacrificing UX

Default avatar.
July 11, 2018
7 Ways to Increase Website Security, Without Sacrificing UX.

Did you know that the longest word in the English dictionary is 189,891 letters long? It is (and you can see a full spelling here). This word is the name for a protein dubbed Tintin” and would take you more than 3 and a half hours to say out loud. Pretty crazy, right? But why in the world am I sharing this with you today? Because 189,891 letters is way too long! It could have been reduced to 50, 25, or even 10 letters, but it wasn’t. Why? Because people love to complicate things.  And nowhere is this more true than in the realm of online security and user experience. You see, most self-proclaimed gurus will try and overwhelm you with fancy industry jargon and advanced (but entirely unnecessary) security recommendations in order to appear like they know what they’re talking about and sell you on overpriced services. But the truth of the matter is that increasing the security of your website without sacrificing the user experience is actually pretty simple. If you implement a few key tactics and adhere to some basic security standards, you can sleep soundly at night knowing that your website is not only easy to use but keeps you, and your users, safe. With that in mind, here are 7 quick and easy tips to boost your website’s security without destroying the user experience.

1. Use reCaptcha to Verify Form Submissions

Out of all the security recommendations I’m going to make in this guide, this particular recommendation is the only one that will have an appreciable impact on the quality of your users’ experience. Setting up reCaptcha for your various lead and purchase forms is admittedly, not a user-friendly thing to do. However, when you consider that this simple tactic will protect you from 90% of the possible spam tactics and form hacking, it’s well worth the 0.02 seconds it will require your users to validate that they are indeed Not a Robot”. To set up reCaptcha, simply follow the steps outlined on this page.

2. Limit the Plugins You Install (and Keep Them Updated)

One of the biggest mistakes that most webmasters make is that they download far too many plugins in order to improve the UX of their site. Like most things in the online space, a good user experience comes down to only a small handful of things such as a clean design, easy navigability, and fast load times. Adding dozens of unvetted plugins to optimize the minutiae of your UX is a guaranteed way to compromise the integrity of your website and expose your users’ private data to hackers. Instead, I recommend picking a small handful of plugins that are well reviewed and approved by your CMS or website builder and then stick to those. This will mitigate the chances that your website is (successfully) attacked and will make managing your site significantly easier. Just be sure to keep them up to date in order to patch potential weaknesses as they arise.

3. Create a Secret WP Login Page

By far the easiest way for a hacker to gain entry to your admin dashboard and wreak havoc on your previously immaculate website is through a brute force attack. A brute force attack is simply an attack where a hacker will go to your login page and then use an automated software to rapidly guess different number and letter combinations until they crack your username and password. However, a hacker cannot execute a brute force attack if they don’t know the login URL to your WordPress page. Most WordPress websites use the traditional /wp-admin/ URL to login to their site meaning that hackers know exactly where to go if they want to brute force their way into your dashboard. By using a plugin like ManageWP you can change this URL to a custom address like /my-secret-login/ and stop 99% of brute force attacks in their tracks.

4. Invest in an SSL Certificate

I’m baffled at how often I have to repeat this recommendation… An SSL (or secure socket layer) is a standard security protocol that establishes an encrypted link between a web server and a browser. This means that the information your customers and audience members submit on your website (such as names, email addresses, and credit card numbers) cannot be intercepted by hackers. This is good for the user experience and great for your site’s security. The installation of an SSL certificate costs around $60 and many top tier web hosts will provide them free of charge.

5. Upgrade (or Change) Your Web Hosting Provider

The security (or lack thereof) of your website is largely dependent on the quality of the web hosting provider that is hosting your website. A high quality web host acts as your first layer of defense against hackers and they will provide you with a free SSL certificate, network monitoring, firewalls, anti-malware, and damage recovery programs, just to name a few features. Do your research and find the web host that is right for you. Regardless of price, most popular web hosts today offer these types of security features and also include one free website migration, meaning that you typically can switch your hosting over to a new provider over the course of afternoon.

6. Use a Separate Platform for Your Checkout Pages

A simple and (relatively) easy to implement tactic for improving your website security is to use a separate platform for your checkout pages. For example, many marketers will offer a list of products on their website and then send customers to a secure Clickfunnels checkout page to complete their purchase. This strategy will take nothing away from the user experience but will add another barrier to entry for potential hackers ensuring that you and your customers remain safe and secure.

7. Setup Daily Backups

The worst user experience a webmaster can commit is to allow thousands of fans to lose access to one of their favorite sites overnight. And this scenario is much more common than you might imagine. By setting up daily (or at least weekly) website backups you will prevent your data and content from being lost in the event of a security breach and you will ensure that your fans always have a place to go for the latest and greatest in your particular niche. You can do this manually or ask your web host to backup your website on a recurring basis.

Sam Bocetta

Sam Bocetta is a freelance journalist specializing in U.S. national cyber defense, with emphases on emerging technology trends in information security, cryptography, and cyberwarfare.

Read Next

Apple Opts for AR over VR at WWDC

An Apple VR headset has been one of the most widely-rumored devices of the last few years, and it was finally settled a…

Exciting New Tools for Designers, June 2023

We’re halfway through 2023 already, and the number of incredible apps, tools, and resources for designers is mounting.

3 Essential Design Trends, June 2023

This month we are focusing on three trends within a bigger website design trend – different navigation menu styles and …

15 Best New Fonts, May 2023

The choices you make when selecting a typeface have more impact on your design than almost any other decision, so it’s …

10+ Best Tools & Resources for Web Designers and Agencies (2023 updated)

Having the ability to envision a tastefully designed website (i.e., the role creativity plays) is important. But being …

20 Best New Websites, May 2023

This month, there are tons of great new agency websites to get excited about. 3D animated prisms are a popular theme, a…

How to Find the Right White Label Website Builder for Your Agency

Web design agencies face a lot of obstacles in closing the deal with new clients. One of the most common ones is the ar…

Exciting New Tools For Designers, May 2023

There are hundreds of new tools for designers and developers released each month. We sift through them all to bring you…

3 Essential Design Trends, May 2023

All three of the website design trends here mimic something bigger going on in the tech space, from a desire to have mo…

10 Best AI Tools for Web Designers (2023)

It’s time to stop worrying if AI is going to take your job and instead start using AI to expand the services you can of…

10 Best Marketing Agency Websites (Examples, Inspo, and Templates!)

Marketers are skilled in developing strategies, producing visual assets, writing text with high impact, and optimizing …

15 Best New Fonts, April 2023

Fonts are a designer’s best friend. They add personality to our designs and enable fine typography to elevate the quali…