Wordpress Tips and Tricks

Hackers and Slackers

 

Did you know that people are trying to break into your website all the time? Motivations vary, but the main one is super predictable.

Money.

If you have developer that you trust you don’t have to understand the technical details or how to lock down your site (because you are paying the developer to) but you should understand a few of the reasons why an evil hacker would want to sneak into your site.

Here are the 3 primary ways:

1. Computing power

It’s not your website that the average attacker wants – it’s the power of its web server. This can be used to perform complex computations or simply to hide the hacker’s identity while the server – that is not linked to a name – performs other tasks.

2. Spam
Computing power can also be used to churn out zillions of spam emails, and in a way that’s hard to trace, since the emails will come from your server, not the attacker’s own computers. Often, by the time it’s spotted, the attacker has received his pay-off. Another way is to insert links into web pages intended only to be visible to search engines to help the destination websites move up the search rankings. Sneaky!

3. Serving up viruses
A hacked website can be modified to infect unprotected visitors with viruses – if the security on their PC/Mac/etc. Isn’t up to date. Viruses then allow the visitor’s computer to be used for the various purposes. Weak passwords, out-of-date plugins, etc., provide ways for the bad guys to use your computing resources to make money.

A few years back one of my clients had links all over her environmental website to some very naughty sites.  Yikes! It took us a full week to get rid of it all because we had to go through each and every one of her pages audit it (there are better ways to clean up now but back then you had to go through all the pages). I have had other clients come to me over the years with sites that needed to be cleaned up and, believe me, it’s not fun!

One of the best things that you can do to protect your site is to add a freemium security plugin like Wordfence. Wordfence is an anti-virus and firewall package for WordPress that protects your site from possible attacks, keeps you off Google’s SEO blacklist, locks out brute force attacks and helps repair hacked files. There are lots of other great plugins out there but the key is to make sure that there is SOMETHING protecting your website.

If you are on our hosting services we, of course, take care of security for you in addition to keeping wordpress and all the plugins up to date.  If you are on another host be sure to ask them what kind of security they have implemented and how often updates happen.  Most hosts have packages but you have to ask. If you are one of those DIY peeps then check out the video that shows you how to easily keep your site up to date.

Don’t be a slacker and update your site!