Web Security and Content Managers

There are different types of web: e-commerce, applications, corporate pages, restaurants or shops, among many others. To create them, each business or company decides if:

  • Use a content manager or CMS or develop your own code.
  • Use both. A company may decide to develop its own e-commerce code but implement its corporate website on WordPress, Joomla or any other content manager. And of the latter part who is responsible for maintenance is responsible for content.
  • He wants a developer or web agency to do the development of its web. But then they do themselves the content updating and the site maintenance.

Security and who manages web content

In any case may non-purely technical people carry out the content update and maintenance of the web. If we use as an example the case of maintaining a website developed on WordPress, even if basic rules are followed as:

  • Constantly updating the content manager and its plugins or components
  • Install only reliable plugins or components (and of course, payment if necessary)
  • Use of strong passwords and periodic change of passwords
  • Extra actions like password protected access or double authentication factor for users and administrators

Some of the components or even the CMS may have some not patched vulnerability and be at risk from possible infections. Not only that, it may at some point come to despair that the web is going too slow without making almost changes.

Web Security Solutions for Content Managers

That is when you can seriously consider raising the level of security of your website. And we say then because it is likely that until that moment you have not thought that it takes something more than the web in production and that maintenance is fundamental.

  • An application firewall that not only blocks attacks but also protects any web vulnerabilities. It will also stop the traffic of bots that try to login or spamear your web. This element acts as a shield and turns out to be an optimization of the performance of your web. All are advantages.
  • A thorough analysis of the health of the website. Just like in the management panel of your WordPress or Joomla you see information of the posts, the publication, users, SEO, sales, etc. You can have an exclusive panel that notifies you of infected files, if you are blacklisted, vulnerabilities. In the case of WeSecur, we clean those files every day. There are plugins that give you some information, but our recommendation is to have an external system. Here we explain why.
  • The two previous cases: protection, detection and cleaning. The waf case is preventive. But if someone is able to get your admin password your web can be infected in hours. And it can be as simple as seeing it annotated in a post it. That is why it is important to also keep a check on what is happening.
Web Security and Content Managers was last modified: August 30th, 2017 by WeSecur