5 Web Design Tips to Keep Your Open Source Website Secure
What is Open Source?
In the web design industry the term Open Source is widely understood. It has allowed web design companies and freelancers to build websites at a fraction of the cost and time that projects would take building from scratch. These cost savings have been past on to clients and have not only made web design and development more affordable, but also more robust and customizable.
Open Source Software commonly refers to software in which people can view or modify the programming code. The source code for Microsoft Windows, by contrast, is hidden. Only Microsoft programmers tasked with development, maintenance, and security can see it and make changes. Open Source Code is developed in a collaborative and community environment where developers can make changes that are visible for any programmer or developer in the community to see.
Anyone can download many of these programs free of charge and choose to join the development process by making modifications or viewing changes as they see fit. In many cases this open source development process has created better systems and platforms by taking input from multiple sources and making incremental improvements in functionality and design.
With a open source platform such as Magento eCommerce, WordPress or Joomla, anyone can download the platform, install it on a computer or web host, develop, and maintain the software. This allows greater flexibility, being able to customize the application as needed for a business or individual needs.
The popularity and use of open source platforms in the web design industry has grown immensely. In fact, WordPress.com ranks 20 on Alexa’s top 500 sites on the web. Google is ranked #1 as if that is any surprise. Freelancers and web design companies of all sizes are using open source platforms such as WordPress, Magento and Joomla to design and develop websites for ecommerce and marketing.
However, it is extremely important to constantly monitor the platform provider’s web site for security news, and manually update the software every time a security patch is released. For example, according to codex.wordpress.org there have been 6 WordPress updates in 2012 alone. Often an update is as easy as a click of the mouse. However, depending on plugins and extensions installed and customizations made to core code additional development work may need to be performed.
Remember no Open Source Platform is 100% secure.
Here is list of 5 simple tasks to ensure your open source website is secure.
1. Check for updates regularly – If an update had been released check to see if it involves a security patch. If so, make the update immediately.
2. Make regular backups of your site and database – If your site is compromised you can always install a previous version of your site or database.
3. Use a dedicated or VPS server over shared hosting – If another site on your shared server is compromised your site can be vulnerable.
4. Change administrator passwords regularly
5. Use SFTP encryption when connecting to your website via FTP – If you are unsure if your web host provides SFTP or not, just ask them. Using SFTP is the same as FTP, except your password and other data is encrypted as it transmitted between your computer and your website. This means your password is never sent in the clear and cannot be intercepted by an attacker.