Don’t trade online? Site gets hacked.
What’s the worst that could happen?
Google may post a message over your home page like this…
Would you continue to the site after seeing that?
Overt hacks, where a site is vandalised, is annoying. Covert hacks are more harmful. Code may be injected into the site to distribute malware or record visitors keystrokes.
Once compromised, ensuring the ‘back door is closed’ to hackers can take weeks or even months. With ‘Ransomware’ they may demand significant payment to restore your site.
6 Tips You Must Follow
To log in to your WordPress site, you should always use 2-step verification. However, if this is too much ‘friction’ for you, at least follows these 6 steps.
They won’t stop the determined hacker, but it will add significant protection.
1. Avoid Weak Usernames
Never use the default “admin” or the name of the website as a username! It’s scary how many do. Hackers try these options first.
2. Avoid Weak Passwords
For help on this, read more >
- Do not use universal passwords
- Avoid obvious personal info
- Do not store passwords electronically
- Use alpha-numeric and mixed case characters
3. Limit number of login attempts
Lock out visitors after a maximum number of incorrect entries of
4. Be on Your CMS’s latest version
Whether it’s WordPress, Joomla, Drupal etc, upgrade to the latest version of ‘the platform’ immediately, to ensure you have the latest security.
5. Keep Plugins & Your Framework or Theme Updated
Whilst 3rd party software saves on development costs, they are also a vulnerable point of attack.
- Use plugins sparingly. 12 is low. 30+ is high risk.
- Only use well-respected providers
- Install updates as soon as they are released
6. Security Plugins
There are some excellent security plugins out there for blocking attempted hacks.
- Instal a plugin to track and lock out attempted hacks
- Instal a spam comments plugin to block users who post malicious links
As mentioned, whilst these six measures won’t stop the most determined hacker, these will make your site much more secure.