Security is an essential part of any business, and it is especially important for resellers. Approximately 30,000 websites are hacked every day, with one being hacked every 39 seconds. Websites must take specific steps to protect themselves from online threats, and that starts with the web host; you.
Here are 8 ways to improve the security surrounding customer data.
1. Force Strong Passwords
Even in 2025, people often choose insecure passwords like “123456” or “password” or other easy-to-guess options. While you cannot choose a password for your customer, you can enforce that they use strong passwords that include upper and lower case letters, numbers, and symbols.
On top of this, the longer the password is, the harder it is to crack. One of the best practices is to use a password generator. This helps users avoid using commonly guessed pieces of information, like their date of birth and other easy-to-obtain pieces of information.
2. Change Passwords Frequently
Even when using a strong password, it can still be guessed through brute force attempts; as such, it is recommended to change the password every three months. This lowers the probability that such attacks are successful. However, when changing passwords, it is important to avoid reusing old ones.
Implementing security options that block previously used passwords is a very important option. Unfortunately, even with this enabled, many users will still use variants of their existing password, but it is better for security overall.
3. Install An SSL Certificate
An SSL certificate enables data encryption, which substantially boosts the security of any website. You can tell an SSL certificate is active if the address starts with HTTPS and not HTTP. As a reseller, offering SSL certificates is a great way to add value to your hosting plans.
Luckily, the most popular SSL certificate, Let’s Encrypt, is free to use. That said, there are premium options available. At GreenGeeks, we offer access to Premium AlphaSSL Certificates. You can upsell these to your customers for better protection.
4. Enable Two Factor Authentication (2FA)
Even with the best password practices in place, passwords can still be stolen. As such, many websites utilize Two-Factor Authentication, or 2FA for short. This is a simple technique that asks the user to provide a code after inputting the password successfully.
The code can be obtained in several ways. This includes sending the code by email, text, or by using an authentication app. The best method is to use an authenticator app like Google Authenticator, as text messages and emails can be intercepted, whereas the hacker would physically need your phone to get the code through an app.
5. Keep Software Up to Date
Software updates are essential because they patch out vulnerabilities that hackers can use to gain access to a website and steal data. For example, if a customer uses WordPress, you need to keep the core WordPress files updated to the latest version for the best results.
Naturally, there are other things to keep updated in WordPress, like the theme and plugins that the site uses. Each of these presents a potential security risk if left unupdated for an extended period of time. As such, it is highly recommended to enable automatic updates.
6. Delete Unused Files & Tools
Every file that gets created or added to your site is a potential security risk. As such, minimizing the number of files is a great way to improve site security. For example, if you have a plugin installed, but no longer use it, then it should be deleted.
These unused files are often targeted by hackers as a potential location to leave a backdoor. This is because you are unlikely to check these files regularly or be familiar with what files should be present. As such, if you are not using something, delete it. You can always reinstall it if something changes.
7. Offer Security Plugin Installations
Resellers often create multiple hosting plans. One of the best ways to add value to these plans is to offer premium plugin installations. This often involves upselling customers a premium plugin and setting it up for them. This generates money and can boost security.
For example, you could offer access to the Wordfence Security plugin and properly set it up for the website. It blocks the majority of threats that WordPress sites face. It even has a free version that could be used to add some value to lower-tiered plans.
8. Create Backups Regularly
Even if you do everything correctly, there is still a chance that a website will get hacked. One of the best defenses is to restore the website before the hack takes place using a backup. This ensures that any backdoors a hacker left behind get deleted, and gets your website back online faster.
As a reseller, backups are yet another service that you can upsell to customers and attach to higher-tiered plans. Luckily, they are easy to perform, and you can do them at various frequencies (daily, weekly, monthly, etc.) depending on what plan the customer wants.