In April 2018 I wrote a blog article entitle “How Secure is WordPress” where I focused on design, set-up, and on-going maintenance steps to keep your WordPress website secure.
I discussed:
- selecting quality plug-ins
- keeping WordPress and plug-ins updated
- regular scanning of the website for malware
- installation of security defense software on your website
- backing up your website and storing copies of the back-up in a location other than your website server for disaster recovery
- quality website hosting
These steps are still important and Web Image Designs offer WordPress security and maintenance packages that help keep our client’s websites safe.
In this article, I am going to expand my focus to address how to develop a strategic strategy for your business internet assets.
Domain Name and DNS
Two primary internet assets for your business are your domain name and your Domain Name System (DNS).
A domain name is a unique name that is used to access your website on the internet. It usually is somename.com. The part after the “.” is called the top-level domain (TLD). Internet Corporation for Assigned Names and Numbers (ICANN) maintains a list of available top-level domains. Your domain name is also generally part of your business email address – name@domainname.com.
The DNS is the domain name’s directory that tells the internet where to find your domain services such as your email and your website.
You must buy a domain name from a domain registrar. ICANN maintains a list of accredited registrars. ICANN’s list of accredited registrars includes many website host providers; however, I do not recommend buying your domain from the hosting provider where you host your website. If you decide in the future that you want to change website host providers this likely means that you will also need to move your domain name.
I recently had a client who hosted their website at Bluehost, their domain name was registered through Bluehost and their DNS was managed by Bluehost. Due to various performance and support issues with Bluehost, it was decided to move the website to another hosting provider. When the client canceled the Bluehost web hosting account, Bluehost deleted the domain name’s DNS entries. Therefore, when Bluehost deleted the DNS entries the client’s website and email no longer functioned. We learned that Bluehost does not provide DNS services for domains that do not have their website hosted at Bluehost. Therefore, we had to move the DNS to get the website and email functioning. We ended up transferring the domain name and DNS and closed the Bluehost account.
Godaddy will provide DNS services for Domain Names registered with them even if they do not host your website. However, if you are hosting your website with Godaddy and then your cancel your web hosting account with Godaddy, they too will delete your DNS settings. Unlike Bluehost, you can go back to the DNS and re-enter your DNS entries and everything will be fine.
Therefore, if your domain name, DNS, and web hosting are with the same provider be aware that if you move your website and close the web hosting portion of your account, your DNS entries may be deleted. Also, the provider may not support DNS services without hosting your website even though you bought the domain name from them.
How Do I Keep My Domain Name and DNS Secure?
In order to keep your domain name and DNS safe – and avoid the unpleasant scenarios that I described above – I recommend the following:
The business owner should own the account where the domain name is registered.
In 2004 when I first started in the website business it was common place for the web developer to buy the domain name for the client out of their agency account. However, now I recommend that the client be the owner of the account used to register their domain name. The domain name is the identity of your business or organization on the internet. Therefore, it should be treated as an important business asset and be under your control.
Buy your domain from a reputable domain registrar
Godaddy is a good place to purchase your domain name. They are a large corporation and they provide DNS services even if you do not have your website hosted with them. Generally, their support is good.
Be sure to use strong passwords and two-factor authentication on your account. If bad actors access your domain name account, they can take over your domain name. I do not recommend Godaddy’s web hosting services to my clients.
Keep your domain name separate from your other internet services
Keeping your domain name separate from your other internet services helps make sure everything is not down at the same time. If you have your website, domain name, DNS, and email all with one provider and there is a major issue with the provider you may not be able to access any of your services. If you instead have your domain name with Godaddy, DNS with Cloudflare, your email with Google, and your website with WP Engine it is unlikely that all three will be down at the same time.
DNS with redundancy
You cannot purchase a domain name from Cloudflare, but they do provide DNS resolution in data centers across 200+ cities and they boast 100% uptime and the fastest DNS in the world. In addition, Cloudflare has leading-edge security and protection against attacks and they provide CDN services. I recommend that you purchase your domain name from a reputable domain registrar, such as Godaddy, and change the nameservers to point to Cloudflare. This will allow the domain name’s DNS to be managed at Cloudflare. Learn more about Cloudflare’s DNS and how to update your nameservers to Cloudflare.
In summary, I recommend the following:
- Purchase your domain name from Godaddy
- Google or Microsoft 365 email through Cumulus Global
- Website hosting with WP Engine, SiteGround, or FlyWheel. Web Image Designs provides turn-key hosting services for our clients on these quality hosting services.
- DNS with Cloudflare
If you implement this recommended strategic diversification of your business internet assets and make off-server back-ups of your website you will minimize your vulnerability to attacks and provider disasters.