Protecting WordPress Websites from Hacking
Website hacking reports on the nightly news in 2018 have become so common; they barely draw a yawn from many viewers. Website owners need to pay attention! It’s not just the mega companies and government websites that are targets of hacking.
Early adopters of the internet, many of which may have never updated their websites face a new more malicious world when they finally replace their outdated HTML websites with modern WordPress websites. WordPress’s worldwide use supporting the largest percentage of CMS-driven websites places any website built using the WordPress platform clearly in the sites of hackers.
New WordPress users may be surprised by the number and frequency of updates released annually, both for improvements and to shutdown newly found security exploits. Each new version of the WordPress core files is quickly followed by a flurry of updates from the thousands of actively managed plugins in order to maintain their compatibility. What website doesn’t use a contact form 7, Yoast SEO and WordFence security plugins as a bare minimum? Updating often seems never-ending!
As a webmaster educating new clients about the perils of the internet is not a task I take any pleasure in, least of all informing clients about the daily risks their very own websites are subject to. Advising clients to take the best available precautions is a responsibility we take very seriously.
In the earlier days of internet-connected-PCs, they often became riddled with viruses. Through the years we’ve learned to keep our PC software current with the latest releases geared more at closing security holes that allowed attacks than adding functionality and improving our user experience. We learned to install and constantly maintain Anti-Virus software to the latest annually released version. Connected to the internet these Anti-Virus programs automatically download the latest lists of viruses to help protect us from Malware infections which cause machine downtime and lost productivity.
Websites themselves are the targets of malicious activity today. Hackers exploit websites for many reasons. To send junk email and inject your website with pages containing links to low-quality websites. Infect your website so that anyone visiting your site is subject to having their PC infected. Hackers even hijack websites to commandeer the power of web servers to use in Bitcoin & Cryptocurrency mining activities.
What’s The Worst That Can Happen If I Don’t Keep My WordPress Website Up-To-Date?
The consequence of not updating your websites software is that the site may be hacked and compromised. In a worst-case scenario, to the point where you could have to rebuild your website. To date, we have not completely lost a website to hackers. We have had to manually clean up and repair several each year, over the past five years.
Once a site has been compromised it cannot only stop it from functioning… it can infect your website visitors PCs, harming your company’s reputation and expose sensitive data to the public. A hacked website can also place other websites hosted in the same shared hosting environment at risk, for this reason, serious providers will require you maintain your software monthly to the latest released versions.
The WordFence Security Plugin is installed in every WordPress website we build. Security plugins help keep hackers at bay but do not completely eliminate the risks. If your WordPress core software is outdated, WordFence may not stop attempts to exploit the holes in your websites armor. If your logins are Phished, it’s game on for the exploitation to begin.
For several years we have offered a full-service WordPress Management Program. While this service is ideal for busy clients with a budget to cover the monthly service fee, some don’t derive enough value from their website to justify more than minimal ongoing expenses. In these cases, an auto update plugin can be used to keep the website up-to-date.
Are There Any Risks To Updating WordPress on My Website?
There are some inherent risks with updates, they may not be compatible with one another. Conflicts can break your website and even shut it down. With our WordPress Management Program we check to make sure that post update, your website is still functioning and take corrective action when problems occur. We also maintain a full year worth of backups in case your site is hacked and either malicious software lies dormant and/or goes unnoticed for an extended period.
In the event the site would be broken as a result of an update, we can try to restore it from a local backup which is a standard part of our hosting accounts (a few daily, weekly and one monthly backup are stored). For those that opt for our WordPress Management Program, we also maintain 12 monthly backups off-site to have a deeper fallback ability to restore their sites in the event they are compromised.
More about WordPress, Web Sites, and Hacking:
To learn more about malicious activity on the internet and the risks for all websites including WordPress websites, you can read the articles you’ll find using the links below.
- Ask Wordfence: Why Is an Insignificant Site Like Mine Being Attacked? ( A March 2018 article directly addressing why your site is a target)
- Hacked: How Business Is Fighting Back Against the Explosion in Cybercrime (A 2017 Fortune article, see in particular the last paragraph “When it comes to hacking, a penny of offense can defeat a dollar’s worth of defense.”)
- 30,000 Web Sites Hacked A Day. How Do You Host Yours? (A short article on Forbes.com from 2013 that explains the situation well)
- HOW WORDPRESS SITES GET HACKED (AND WHAT TO DO ABOUT IT) ( A more in-depth article from 2016)
New clients interested in sharing in the workload of SEO and saving some monthly expenses often ask to write their own SEO content. Inevitably the question “How do I write content for SEO” is fielded. This recent whiteboard Friday presented by Rand Fishkin, founder of MOZ gives a great history and his take on how to write content for SEO in 2108. Current writing techniques start around the 4 minute mark.
Rand Fishkin is well known in SEO circles and was interviewed back in 2005 for a Newsweek article on the then-new subject and burgeoning industry of search engine optimization.
Stay tuned to see this beautiful site in development.
Navigating all of the options offered by the plethora of providers waiting to meet your every internet marketing need often seems like a minefield. Take one wrong step and you may be saddled with a web platform that not only does not provide the simplicity you desire and features you need, worse you can’t find anyone to help you.
Many providers will offer you their latest and greatest, best in class proprietary system that not only supports your website but makes your morning coffee and butters your toast. Once you’ve signed up with them, you find the cream used in your coffee is sour, they have no strawberry jam and worse some important feature you need for your website is not supported by their home brew system. Now you realize you’ve locked yourself into a system you can’t escape. Their proprietary system (supporting your website) is not transportable to another provider. No other webmaster knows a thing about their system and you can’t find anyone who can help you resolve your issues. What are you to do? You have no choice, you’ll have to abandon your website and investment to move to an open source solution supported worldwide!
WordPress is such a platform, supporting more than 20% of all websites worldwide. With thousands of plugins (many free of charge) that add-on functionality that expands the capability of your website at comparatively low cost. And perhaps best of all is the widespread support network. Not happy with your current webmaster? Simply move to another. WordPress is completely transportable from one host to another and virtually every webmaster works with WordPress!
Want to discuss the benefits of working with WordPress, contact us. We’ll guide you safely through the minefield!
Historically I’ve been slow to switch browsers. I held on too long with Internet Explorer before switching to Firefox way back when. Then stood by Firefox to long after Google had pulled their more than 1billion/year sponsorship. It’s been about 5 years since I switched to Chrome and so far there is no looking back.
I guess it would be too much to expect that any browser would dominate close to 100% such that we could see the end of cross browser rendering issues… but I guess we can dream!
Great article today in Website magazine by Travis Bliffen: SEO Pricing in 2017: Understanding the Average Cost of SEO Services – ‘Net Features – Website Magazine. Travis gives a detailed explanation of the labor and associated costs involved with the process of delivering SEO service. This is a must read for business owners with the need for internet marketing services.
In the articles summation, Travis mentions “I hope this opens your eyes to the evolving landscape of digital marketing and more importantly, why you should run when you get a cheap offer that seems too good to be true.” This is something I’ve shared with prospective clients for many years. It’s great to see others SEO sharing the same beliefs!
We’ve been telling our clients for years how important page load speed is. Years ago a study stated that you have 4 seconds to show a visitor what your website is about or they will more than likely use the back button on their browser to find an alternate source to supply their needs. Some get it, others prefer to have a twenty image slide show without regard for their website visitors time or bandwidth.
Perhaps your website is slow and you don’t even know it! Once you load your website on to your device it stores itself in your local machines cache, speeding up successive visits. We recently had an inbound SEO client whose site took 17 seconds to load. I personally had never witnessed one this slow. Websites that never loaded yes but never one that successfully loaded so slowly. I had to double check the speed from several sources to confirm that it was I was seeing was really a problem and it was. Still the client was unaware!
The bar has now been raised, or seconds lowered is it where to 3 seconds. See this great article and infographic by KISS Metrics using the link below.
Page loading time is obviously an important part of any website’s user experience. And many times we’ll let it slide to accommodate better aesthetic design, new nifty functionality or to add more content to web pages.
Great article in Bloomberg today that explores the seedy underworld of paid traffic companies. Many unknowing businesses are buying referral traffic from just such companies to increase their daily traffic. Turns out most of it, while cheap, isn’t even human. It’s BOT traffic. BOTS commandeer individual PCs using malware and then browse the internet clicking through websites and on ads. Moral of the story: check your traffic logs closely and investigate, you may want to reconsider buying that cheap traffic. As they say “you only get what you pay for!”
Read thw hole story here: http://www.bloomberg.com/features/2015-click-fraud/
Great article today in the MOZ.com newsletter written by Kelsy Libert. If you consider MOZ amongst the authorities on Inbound Marketing this study is a must read!
Here are just a few of the golden nuggets I culled from reading the results of this survey of 1,000.
- “Most likely to have a positive influence on buying decisions: Customer reviews, search, online articles, traditional advertising, and direct mail”
- “More than 88% use online search to seek out more information about a company, and greater than 93% had done so within a week’s time.”
- “A whopping 93.2% – almost the entire survey sample – used online search to find information about a company or product within the last week. Also within a week’s time:”
- “About 85% are positively influenced by customer reviews. 45% are significantly more likely and 40% are slightly more likely to buy something they hear about via customer reviews.”
Click the link below to read the entire article.
- How Can I Protect My WordPress Website from Hackers
- How to Write Content for SEO for a Website?
- New Project for Competitive Suspension Solutions
- Is Your Website the Old Ball and Chain?
- Long Live Chrome!
- SEO Pricing in 2017: Understanding the Average Cost of SEO Services
- Website Page Load Time is Critical to the Success of Your Business
- Is Your Purchased Website Traffic Even Humans?
- MOZ Survey – The relative power of Today’s available Marketing Channels – A must read!
- Even Google needs an SEO!!