Setting Up a Secure Website

As of MAY 2019, there are 5.47 billion indexed pages on the World Wide Web, representing roughly 200 million active sites. That’s a lot of websites: is one of them yours? If not, how do you get one of your own?

Better yet: how do you get a site AND keep it secure from the myriad cyber threats out there? We can help.

Get Up and Running

From a high-view perspective, getting a website started isn’t particularly complicated in and of itself. If you’re a hands-on, do-it-yourself kind of person, CMS solutions like WordPress, Joomla, and Drupal make putting together a functioning website as simple as drag-and-drop. If you don’t know what drag-and-drop means, however, you’re probably going to want to acquire the services of a full-service design and programming service like Spilled Milkshake.

In either case, you must be aware that hackers and fraudsters are constantly looking for new ways to exploit web users and site owners. Keeping your site secure should be a priority from Day One.

Stopping Hackers Starts with Your Design

What will your site look like? That depends on a lot of factors: are you selling a product, or mainly just presenting information? Do you have a niche audience, or will you be dependent on a steady stream of heavy traffic? Will you want to offer videos? Will you take credit cards? All these questions and more should be answered before you even begin sketching ideas.

The two most important elements of the whole design process are user experience and user security. No matter what you want users to do on your site, the process should be painless, intuitive, and engaging. And users should feel secure that their information will be protected whenever they’re on your site.

One of the easiest and most effective ways to protect your data is by using a firewall. Understand: hackers have a plethora of cyber-attack strategies just waiting for the moment your website goes online. Automated “crawlers” are out there, constantly scanning for any vulnerable website—and newly launched sites almost always have chinks in their armor that can be exploited.

There are several brands of web application firewalls that easy enough to implement but can shut down attacks before they start. Think of it as applying mosquito repellent before you go outdoors: it’s not guaranteed to prevent every attack, but it assures you’re not as tempting a target as you might otherwise be.

Securing Customer Data

If you’re going to have users registering on your website—even if just a name and password—that information needs to be doubly protected. Especially if there is going to be any kind of financial transaction, your users will expect you to encrypt that connection.

Using SSL certificates creates a what is referred to as a “secure handshake” between your website and whatever device your user is on; that way, no third party can covertly slip in between and monitor—or worse, hijack—whatever transaction is taking place. Companies like GlobalSign provide identity services and SSL Certificates that are designed to work with the most common content management systems.


Obviously, there are a lot of smaller steps that make up the larger components of creating a website. Security alone is only one (albeit important) aspect, and it’s not a “set it and forget it” deal: as we mentioned earlier, hackers are ever-vigilant … meaning you must be, as well. While there’s no such thing as an un-hackable website, you can certainly make put machinery in place that will make most criminals pass you by for easier targets.

At Spilled Milkshake, we specialize in creating sites that are not only beautiful and functional, but also designed to thwart would-be hackers. Right from the start, we build in the best protections available, then monitor your site on a consistent basis, staying on top of software updates and applying relevant patches to keep your site secure. Give us a call to see what we can do for you.