Coming in EverWeb 3.6: Enhanced Website Security
Monday, November 22, 2021 5:08 PM
Understanding how to secure your website properly can be a long and difficult task. Fortunately, we have taken the difficult part and made it extremely easy for you.
Coming in EverWeb 3.6 is Enhanced Security Settings with EverWeb Site Shield. Not only will you get HTTPS Secure URLs with the click of a button, but you can now get our enhanced security options to help protect your website, your visitors and increase your search engine rankings.
In Everweb 3.6 when you go to publish your website you can click the ‘Advanced…’ button next the ‘Use HTTPS Secure URLs’ checkbox to bring up the follow dialog. You now have options to enhance your website security with the follow options;
The top 4 website security settings include;
- Prevent 3rd party sites from embeddeding your website: This will prevent any other site from trying to embed your website in theirs which can trick visitors into stealing their personal information. This option will make sure maulicious sites can’t pretend to impersonate your site, steal your search engine rankings and mislead your potential visitors.
- Prevent content type interpretations: This option will not allow browsers to interpret the type of content they are accessing from your website. Should someone upload a malicious script to your site, this can help make sure it is not executed.
- Enable XSS Protection: Protects your visitors using older web browsers from cross site scripting hacks that can be used to steal their data
- Secure referrer policy: Although this option is not enabled by default because it may block data you may want to see in your website stats software, it is an important security enhancement. It will block the rereferring URL from being sent to the following website if the protocol switches from secure HTTPS urls to insecure HTTP urls which can help protect your visitor data.
The following options are more powerful but can cause website loading issues. That is why for the Content Security Policy we have a Test mode and a Production mode.
- The Content Security Policy will block access to resources that your visitors don’t need access to. While in test mode, any issues will simply be reported in the error console of your web browser. That way you can see if any content is not loading that should load. We recommend that you use test mode first and watch the error console. This will only be an issue if you are using third party widgets that are using insecure content. If you need help, please contact customer support.
- HTTPS Strict Transport Security will make it so that your website will never work if the HTTPS certificate is removed or if you happen to have a non secure url on your website. It tells your visitor that their web browser should not be able to access any resource that is not over HTTPS. Once you enable this option you will not be able to turn off HTTPS urls which you would probably not want to do anyways.
We recommend that all of these options are enabled to offer the most secure website. They may also give you a boost to your search engine rankings.
With this new addition to EverWeb 3,6, the EverWeb Site Shield Add-on price will increase deom $29.95 USD /year to $39.95 USD/year for new users only. So if you don’t yet have the Site Shield add-on, add it now to lock in this discounted price.
How to Add EverWeb Secure Site Shield With the Discount
If you want to take advantage of all the security features mentioned, follow these steps;
- Login to your client area
- Go to Services in the navigation menu and select ‘View Available Add-ons'
- Select ‘EverWeb Site Shield and click ‘Order Now'
- Once you purchase the add-on quit and relaunch EverWeb.
- Go to File->Edit Pubishing Settings in EverWeb and enable ‘use HTTPS Secure URLs'