Scroll to the bottom of the page to see our 10 Point Protection Plan or read the whole page to see why you want to protect your website.
Keep all aspects of your website installations up-to-date
WordPress is the most popular website platform in the world, with around 27% of all sites using the platform. Because of its inherent search engine friendliness, it's also the platform we use and recommend at Hubsite Builder.
One of the great things about WordPress is that it is open source, meaning that the code is publicly available to anyone who would like to contribute to its ever-expanding capabilities.
And one of the challenging things about WordPress is that it's open source, meaning that it is also vulnerable to hackers who have nothing better to do with their time and talents than to destroy what other people have built.
When a new vulnerability is discovered in WordPress, a WordPress theme or a WordPress plugin, then the community of coders gets together to quickly find a solution and make an update available to all WordPress websites.
Do you have time to check your WordPress dashboard every day?
Typically, these updates need to be made manually. In other words, you need to be logged into the dashboard of your WordPress website and click on the update button for each part of the site that needs additional protection.
Sadly, very few business owners have the time, awareness or inclination to actually do this on a daily basis, with the result that we have seen hacked websites that have been redirected to pornography sites, online dating sites and sites selling drugs that enhance various human capabilities ... if you know what I mean.
How would you feel if a client or potential client visited your website and found something like that instead?
Major updates introduce new features to the platform and minor releases deal with the bugs and site errors found in the new releases. Both need to be attended to as soon as they become available.
It is very important that you delete unused plugins and themes, not just deactivate them.
Use a unique username and a strong password
The default username for WordPress sites is 'admin'. If you use that, then hackers already have half of your login credentials! So you want to make sure that your web developer sets up your website with a unique username - not admin!
Short and simple passwords are easier for hackers to discover. Create a strong password for your site by using a combination of lowercase & uppercase letters, numerals and symbols. The longer the better.
Do not use the same password for different websites or other online accounts. I appreciate that it may be hard to remember different passwords for different sites but you would not want to risk having all your websites and online accounts hacked all at once. Try using services such as Last Pass or RoboForm to remember your passwords for you.
Limit user access
Keep in mind that you should not give just anyone website admin access. The more users with admin access, the bigger the chance that your website will be hacked.
Make sure those who do have admin access follow recommended security practices to protect the site from hacking. Therefore, you want to constantly update your user list, especially during staff transitions.
Backup your website
The risk of losing data in your website or worse, being shut down completely is ever present. This is where a regular website backup routine proves its value. Aside from being able to restore the altered files, you can also recover the entire website by regularly performing full backups.
A word of warning about some hosting company backups
Most hosting companies backup your website's database (the page content and images) weekly. However, this is not a full backup! In other words, it does not include your site's theme and styling.
Worse still, these backups are stored on the host's server, so if the server is hacked or goes down, your backup is lost too.
Even more bad news - if you have a basic hosting plan, these hosting companies will restore your site for you - at a cost per file. So if you have hundreds of files and they charge anything from $2 to $13 per file... well, you can do the Maths!
So, how do you set up and do daily updates for these essential protective measures and still have time run your business?
Ask us to do them for you!
Here's how our 10 Point Protection Plan (Digital Defence) can give you peace of mind:
- Replace the username 'admin' with a more secure username
- Ensure you have a very secure password.
- Make full backups weekly.
- Scan your site daily for malware and attempted attacks.
- Scan your site daily for security or functional updates to WordPress.
- Scan your site daily for security or functional updates to WordPress themes.
- Remove unused WordPress themes.
- Scan your site daily for security or functional updates to plugins.
- Remove unused plugins.
- Install several other complex protective mechanisms to keep your website as secure as possible.
FREE BONUS! We restore your website free of charge if it does become hacked while you have a current Digital Defence hosting & security plan with us.
Remember, no website hosting platform can provide a 100% guarantee that your website will not be hacked!
The bottom line is that when you engage us to put these security measures in place for your website, you have secured yourself peace of mind and in this case, peace of mind is something that money can buy!