Website Security – How to Lock Down Your Site

One Friday morning, not too long ago, I woke up with very little on my agenda. I was pretty excited to put work on the backburner for the day and get some things taken care of at home. I checked my email first like I do every morning just to make sure nothing major is happening, and I got a message from a client… “My website has been hacked.”

 

Well, that was a turn of events!

 

After some investigation, I learned that the website had been hacked into, files had been added and changed so any future traffic would be redirected to a different website. The site needed to be restored back to working order—FAST.

 

I’m happy to say that there was minimal damage—it could have been so much worse had the hack not been discovered as early as it was. I was able to clean the site’s code and get it back up and running within the matter of a few days. A higher level of security was also put on the site to ensure that this will never happen again. Even with that being said, it was not a fun time for me or the client.

 

It doesn’t matter how big or small your website is, hackers are on the prowl every day, all day, just looking for opportunities to hack into your site. Having a security plan in place is so important and should never be overlooked.

 

How do website hacks happen?

Hackers are running automated scrips searching the internet for vulnerabilities. These vulnerabilities open the door for hackers and give them an easy way to gain access to your site. A very common hack is called “brute force attempts” meaning, passwords and usernames are automatically generated over and over until access to websites or hosting accounts are granted. Hacks can happen through your local computer via malware or over the internet where passwords to your website, hosting, and email accounts are stolen for a hacker’s use.

 

Common website hack types

  • Website defacement
  • Redirects to different website’s for the hackers own financial gain
  • Use of the resources you are paying for—such as hosting
  • Use your website to spread malicious software

 

Risks associated with a website hack

The cost of a website hack is more than just the price to clean up the mess. 

  • Your reputation can be damaged
  • Google rankings dropped
  • Blacklisted from Google search
  • You feel violated—someone just broke into your site!

 

Website security best practices

There are a few tips I have for security planning that everyone NEEDS TO TAKE. Don’t put your business at risk and go another day without a security plan in place!

  • Use quality hosting: Look into what your hosting company provides for security measures
  • Keep your site up-to-date: update your core software, plugins and any other software you are running
  • Use STRONG passwords for your website, hosting, FTP, and email accounts: also be sure to change them regularly
  • If running a WordPress site, change the wp-prefix on your database
  • Keep local and off-site backups of your website files
  • Implement a security plugin
  • Conduct continuous monitoring and run regular scans of your site
  • Call a professional- get in touch with me to implement a security plan that best fits your business and website.

I offer premium WordPress security, monitoring, file backups and more so you can have peace of mind!

I hear many people say they don’t need a security plan because their website is small or they are not getting much traffic. This doesn’t matter! It’s better to be safe than sorry and to have a plan ready to go before a hack happens. Lock down your site today.

Need WordPress Hosting?

Get FlyWheel!