Website development is something that every organization should maintain in order to keep up with relevant, organic traffic while also implementing proper security to make their users feel safe. However, nonprofit websites have a few unique elements to them that other websites may not need.
One major contribution that takes minimal effort would be the addition of your nonprofit’s Employee Identification Number (EIN) allowing users to easily verify your tax exempt status. This measure, required to qualify for the Google Ad Grant, serves to legitimize your site and helps users feel secure in providing information or donating to your organization. Additionally, an SSL Certificate (Secure Sockets Layer) can show users that your site is secure and ranks the website higher with search engines. These SSL Certificates are becoming increasingly important and have also become a requirement for the Google Ad Grant.
There are a few other simple steps nonprofit organizations can make to ensure the security of your website. For instance, in order to protect your site from being hacked or infiltrated, if you ever need to share your username or password it is safer to take a screenshot of the login information than it is to type it out. This limits readability by bots, which are often used to capture login information through plain text. Another means of protecting your users and your reputability, is safeguarding against spam bots. These programs often infiltrate comment sections with spam or other inappropriate messages, and can even be used by hackers to take users to unsecure websites. Your first line of defense against spam bots is to turn on reCaptcha, which helps to validate that your commenter is a human, rather than a program. If you have a higher level of concern, you can always turn off comments completely.
It’s also important to stay up to date on plugins, themes, CMS, and third-party platforms to safeguard your website against emerging security risks. These different website features often have background updates that add security features to protect against ever-evolving threats. Keeping the back end of your website up to date allows you to easily take advantage of these new protections to help stop hackers looking for easy entry.
Due to the increasing number of attacks on websites worldwide and the abuse of website files, emails, and server resources, we at Cause Inspired have taken a multistep approach to ensure the safety of our hosted clients’ sites. We have a Malware prevention and monitoring system in place on all our sites and we are asking all of our clients to utilize Cloudflare services.
- Malware Scanning: We scan your site and detect even the most complicated and under-the-radar running malware.
- Complete Malware Removal: We clean your site end-to-end by removing all malware injections, malicious files, and backdoors.
- Hardens WP site: One of the many roles of our system is to harden the websites and protect them before they can be breached. We Block Plugin and Theme Installation, and Disallow Plugins and Themes to be installed or updated. This blocks hackers from installing their own malicious scripts if they get access to sites.
Cloudflare is a content delivery network (CDN) that provides multiple services that are beneficial to all websites. Some of the benefits include security, performance, and stability. Cloudflare stops malicious traffic before it reaches your origin web server. This adds an additional layer of protection to what we already have in place. The CDN analyzes potential threats in visitor requests based on a number of characteristics. Additionally, Cloudflare masks your origin IP address (hosting IP) so attackers cannot bypass Cloudflare and directly attack your web server.
Cloudflare also optimizes the delivery of website resources for your visitors which improves the load time of your website. Cloudflare’s global network provides a faster route from your site visitors to their data centers than would be available to a visitor directly requesting your site. Even with Cloudflare between your website and your visitors, resource requests arrive to your visitor sooner.