Significant Increase In The Volume Of Website Attacks
You may wonder why someone / something would want to try and hack your website. The purpose of the majority of website security breaches are not to steal your data or deface your website. What hackers are attempting to do is use your server as an email relay for spam, or to setup a temporary web server, normally to serve files of an illegal nature.
Hacking isn’t personal, typically hacking is performed by automated scripts written to scour the Internet in an attempt to exploit known website security issues in software. The volume of hacker attacks is constantly increasing with cyber crime, hacktivism , cyber war and cyber espionage all being key drivers. As these activities increase here are 6 tips to help keep you and your site safe online.
Note: there is no popular web technology nowadays not targeted by hackers and robot
5 Approaches To Help Keep Your WordPress Site Safer
1. Ensure Your Site & Plug Ins Are Updated
It is important your WordPress site is updated all the time. Developers are constantly working to improve the both functionality and solve security issues. These improvements are based within a new release so if they release an update, it is a good idea to update. The complexity of your WordPress site will impact on the number of plug ins your site features. Plug ins should also be updated but care needs to be taken to ensure that this action is performed in an integrated way so as to avoid conflicts or breaking site functionality.
Older versions of WordPress will not get security patches, much the same way that older OS’s see support expiration.
2. Strengthen your password
We are still amazed when we go into companies and their user name is admin and their password is A1B2C3D4 Unfortunately weak passwords in whatever environment are likely to be compromised at some point. We would suggest that strong passwords are used that are made up of small and capital letters, numbers and different symbols to make your password not difficult, but impossible to guess. Once somebody has full access to your website, it’s not yours anymore!
If you struggle with passwords there are some great tools like Roboform that help you create and manage your passwords
3. Always Back-up
Backing up your website regularly is recommend as well, because no matter how much you protect your website, anything can happen. There are always going to be things you can’t even do anything about and it is good to have a back-up which you can install again right away. Clients who use our Secure Hosting Service benefit from a continuous daily 30 day rolling back up so are lucky enough to be supported in this area.
Check up your back up arrangements before its too late.
4. Never use “admin” as login username
A common mistake for businesses to make is to use “admin” as the login username for all employees who administer or edit the site. We suggest that for each person who is going to have edit capabilities you create a new account with a unique username and strong password. The “admin” account is quite dangerous to use because all the robots go for it.
5: WordPress / Website Security is an ongoing responsibility
Keeping your WordPress / Website site maximized for security is a 24/7/365 ongoing responsibility, just like all other areas of IT security. Unfortunately you can’t just configure a number of settings or programs and then forget about it. Your WordPress site should be scheduled for malware and vulnerability scanning, along with updating.
Plug ins provide fantastic off the shelf functionality. If you choose and install plugins on your site, be sure to only install plugins offered through your admin panel or under the plug-in directory at wordpress.org. Other plugins may be secure, but it’s best to mitigate the risk. Officially released plugins are audited for security and scanned for malware. We always evaluate plug ins on a secure development website to evaluate their functionality and performance before installing them on a live customer site.
Securing & Protecting Your WordPress Website
With the increase in hacker activity a robust and thorough approach is required to ensure the safety and security of your website.
You site could be in potentially one of 3 states
- Infected with malware but you don’t know that (i.e. on the surface the site looks and performs normally)
- Outdated WordPress and plug ins that need significant coordinated upgrading
- You currently have an up to date site which now requires regular updates and maintenance to keep it upgraded and ahead of the hackers