• 0Shopping Cart
  • 1 Day® Website
  • 1 Day® Branding
  • 1 Day® Startup
  • 1 Day® SEO
  • 1 Day® Social
  • 1 Day® Digital
  • 1 Day® Website
  • 1 Day® Branding
  • 1 Day® Brandstorm
  • 1 Day® Startup
  • 1 Day® Strategy
  • 1 Day® Digital
  • 1 Day® SEO
  • WordPress
    • WordPress Web Design
    • WordPress Training
    • WordPress Website Maintenance & Support
    • What is WordPress?
  • Resources ▾
    • Blog
    • Website Preparation Guide
    • 25 Elements of a Magnetic Brand
    • How to Name Your Startup
    • A Startup’s Guide to Hiring a Web Design Company
    • Video Tutorials & Resources
  • Tools ▾
    • Core Values Exercise
    • Brand Archetype Quiz
    • Brand Voice Exercise
    • Style Moodboards
  • Portfolio
  • Events
  • About Us ▾
    • Our Team
    • Client Reviews
    • Past Clients
    • Press
    • Passion Projects
    • Get 1 Day Certified
  • Logo Store
  • Contact
  • Search
  • Menu Menu
Bizzy Bizzy Blog
WordPress website security illustration

WordPress Security: Important Things To Know

June 29, 2015/in WordPress, WordPress How To's & Tricks /by Candy Phelps

This is important security information about your WordPress website.

There has been a recent increase in the past 6 months of global cyber attacks, especially against websites built with open source software such as WordPress, Joomla and Drupal. In addition, there have been several major new vulnerabilities discovered in popular WordPress plug-ins.

The reason why more than 80 million websites in the world are built on WordPress is because it is inexpensive, scalable, robust and easy to use. WordPress allows non-technical people to make changes to their website without having to hire a developer and have an ongoing (and expensive) website contract. WordPress allows you to have control of your website.

But with the freedom of having total control of your website also comes responsibility. Unless you have a monthly contract or website care plan with a web development firm, your website is your responsibility, and there are steps that you need to take regularly to keep your website as secure as possible.

Watch This Video from Google About Why Hacks Happen:

Why Would Anyone Want to Hack Into Your Website?

WordPress website security is about risk reduction not risk elimination. No matter how many security measures are taken, there is no such thing as a 100% secure website. Almost all the tools we employ when building your website aim to reduce your overall risk, whether it’s limiting failed login attempts or setting up the appropriate file permissions. But if the security of Target, Citibank, Sony and other multi-billion dollar corporations’ websites and IT structures can be breached, this should be proof that website and cyber security is an ongoing arms race.

It’s obvious why someone would want to get into Target’s credit card system, but why would anyone want to hack into your humble small business website? The vast majority of website hacks are automated attacks by robots (not targeted attacks by hackers or terrorists). Bad bots constantly scan the internet and use password-guessing software to try to get into to people’s websites and accounts. If your passwords are strong, this greatly reduces your risk of these “brute force attacks” right off the bat. The robots can also identify vulnerabilities in your content management software, plug-ins, extensions and even your web host’s servers.

Most websites that get hacked are coincidental commercial hacks for economic gain, for example when an unscrupulous company is looking to get more backlinks to their website to help them get sales and gain exposure in search engines. They are not usually targeting your website specifically, but rather trying to use robots to get hundreds or thousands of backlinks from random websites to their website for economic gain.

The damage done by most commercial hacks is minimal if you have a backup of your website, but it can cause downtime and cost money to have a developer restore your website. Most websites don’t have anything of value, however if you have an e-commerce website or a website that collects sensitive information of any kind, you need to be even more cautious and take your website security very seriously.

What Can You Do To Make Your Website More Secure?

sitelock logo1) Sign Up for Sitelock

We have recently become aware of a product called Sitelock, offered via GoDaddy. This software scans your website for malware, vulnerabilities and suspicious activity.

We recommend the Professional Plan ($50/year) because it offers malware removal for certain types of attacks, which is very valuable. For a $35 one-time setup fee, we can help you set up Sitelock, or your host may set this up for you for free. Note: You can set Sitelock up with any hosting provider (you do not need to have a GoDaddy hosting account).

 

How to safely update WordPress plug-ins2) Keep WordPress Updated

You’ve likely logged into your WordPress site and seen big notifications saying you should upgrade WordPress now. You might also notice a circle near your plug-ins menu item with a little number in it, which notifies you that you have plugins ready for an update. The WordPress software, themes and the third-party plug-ins are constantly being updated. Updates may bring exciting new features that make your site better or easier to use. But most important, the updates bring important security tweaks.

You can updated your WordPress and plug-ins from the admin dashboard. Most of the time this works. But for the safest possible updating with no downtime, hire a professional to help.

Read about updating WordPress yourself…

Read about how the pros manually update WordPress

We normally recommend having your WordPress updated by a professional at least twice a year. Because of the recent security concerns, we recommend that everyone with a WordPress website get their websites updated now.

If you have a very simple website, or if your website has been built in the last few months or if you recently had updates done or a site migrated, you may be able to do the updates yourself with little risk. For most websites, however, we recommend hiring a WordPress developer to help you with these updates.

3) Scan Your Own Computer

If you have inadvertently downloaded spyware or malware onto your computer, your website and/or accounts could be hacked into. It’s important to have antivirus software on your computer and run regular scans. Read PC Magazine’s review of several free antivirus scanning software.

Additional information and resources about WordPress security:

http://blog.sucuri.net/category/vulnerability-disclosure

https://blog.sucuri.net/2015/02/why-websites-get-hacked.html

https://blog.sucuri.net/2015/06/10-tips-to-improve-your-website-security.html

http://www.techworld.com/security/10-hacks-that-made-headlines-3358062/

https://ppmts.custhelp.com/app/answers/detail/a_id/1236

https://yoast.com/wordpress-seo-security-release

 

Additional resources about updating WordPress:

https://my.bluehost.com/cgi/help/update_wordpress_plugins

https://www.siteground.com/tutorials/wordpress/manual-update.htm

https://premium.wpmudev.org/blog/wp-content/uploads/2011/07/WordPressUpgradeManual.pdf

https://wordpress.org/plugins/dropbox-backup

Tags: upgrading WordPress, wordpress, WordPress back-ups, WordPress security
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail

Recent Posts

  • Case Study: Underground Self-Defense WordPress Website Design
  • What Is a Domain Name and Everything Else You Need to Know
  • 10 Things to Do Before You Build a WordPress Website
  • How Not to Ruin Your Brand with Canva
  • What is Web Hosting and Which is the Best for WordPress?

Categories

Topics

1 Day Branding 1 Day Website blogging branding business branding business websites content management systems content marketing design ecommerce Enfold enfold theme free icons friday freebie Google Google Analytics graphic design Grow Your SEO how-to icon design icons logo design marketing networking rebranding responsive web design search engine optimization SEO small business websites tutorial web design Website Content website design website development website planning website redesign websites Wix wordpress wordpress how to wordpress plugins WordPress security WordPress training wordpress tutorial YouTube

Let’s Get Bizzy

© Copyright 2023 Bizzy Bizzy | All Rights Reserved

Email

info@bizzybizzycreative.com

Madison, WI

2002 Atwood Ave | Unit 211

Contact Us

LGBTQIA flagBlack Lives Matter flag

Newsletter Sign Up
How to tell if your website is “responsive” or mobile friendlyMadison Responsive Web DesignBacking up your WordPress website illustrationBacking Up Your WordPress Website
Scroll to top
Get a Website Quote!

Fill out this form and we’ll be in touch to discuss your project!

  • Leave blank if you don't have one yet.
  • This field is for validation purposes and should be left unchanged.

Take the free Brand Archetype Quiz and download the free ebook by Bizzy Bizzy

 

What’s Your Brand’s Personality?

Take our free 1 Day® Brand Archetype Quiz and download our ebook to discover how your brand fits into the 12 classic brand archetypes!

Find out more