Website Security – How sure are you about your site?

My goal here is to cover some of the basics of website security, in particular, WordPress website security because that is the platform we use for our sites. WordPress websites need the following to be secure:

  • Weekly site backups (real backups in the cloud)
  • Weekly updates of WordPress, themes and plugins
  • Solid, reliable hosting
  • A plan for how to deal with malware

These are all things that most any organization can do internally, but these are all things that almost every organization neglects. When they are neglected, sites often get hacked. The scary thing is that sometimes a site will be hacked and it will not be noticeable to the organization for an extended period. Let me give a few examples of obvious hacks and subtle ones:

Obvious hacks:

  • The site is down
  • The site is showing code at the top or bottom of the screen
  • The site has been modified with a goofy message like “you have been hacked by…”
  • The site has inappropriate / offensive imagery or language on it

Subtle hacks (which are scarier):

  • Some of the links within the site start redirecting to medication websites that could be embarrassing.
  • When you search for the organization on Google, it comes up, but the language about the organization is about selling a particular medical supplement (blue pill) rather than information about the organization.
  • When you search for the organization on Google the link back into the website redirects the user to an online store selling basketball shoes.
  • Someone gets access to your site and subtly posts weird blog posts all throughout your blog without you realizing it for months.

I have personally seen all of these hacks happen. The obvious ones get noticed right away and fixed. The subtle ones can go on for months until a user finally gets pushed to some weird site and then complains to the organization. I confess, I am writing this to scare you.

To maintain the integrity of your WordPress website you must do one of two things. Either commit to a weekly regiment of maintaining and updating your site and do it without fail. Or, pay someone to do it. If you don’t commit to one of those options, your site will be in danger.

As much as you might like kitten videos on YouTube, waking up to a homepage full of kitten videos because a hacker was bored last night is no fun.

5 Comments

  1. livessoonforgotten.com on November 23, 2016 at 11:14 am

    I blog frequently and I truly thank you for your content.
    The article has really peaked my interest. I will take a note
    of your site and keep checking for new information about once per week.
    I opted in for your Feed too.

  2. kopi hijau on November 24, 2016 at 5:39 pm

    Hello to every , as I am genuinely keen of reading this webpage’s post
    to be updated on a regular basis. It carries
    fastidious stuff.

  3. Paravex Male Enhancement on January 18, 2017 at 2:20 am

    Thank you for being the coach on this area.
    I enjoyed your own article a lot and most of all enjoyed reading
    the way you handled the issues I regarded as being
    controversial. You are always really kind towards readers really
    like me and assist me to in my everyday living. Thank you.

  4. masennus on February 20, 2017 at 2:35 pm

    There’s definately a lot to know about this issue. I love all
    of the points you have made.

  5. tiny on March 10, 2017 at 12:04 am

    Thanks designed for sharing such a fastidious thought, post is pleasant, thats why i have read
    it entirely

Leave a Comment