Resources to help you protect your WordPress website
WordPress Updates and Maintenance. Not exactly the fun stuff to talk about, but it’s absolutely necessary to keeping your vital business asset protected.
I’ve shared ways you can do your own maintenance and if you’re deciding whether to go it alone and maintain and update your WordPress site yourself, or hire a professional, you should carefully consider your options to see what might be best for you right now.
Keep ReadingWhy you should hire a professional to do your website maintenance.
Website security is a bit like health insurance – you never really worry about it until you absolutely, positively need it and it’s just too darn late to get it.
You may think, “Nah, that’s never going to happen to ME.”
Well, better think again!
WordPress maintenance. There’s two camps when it comes to WordPress maintenance. Camp one believes and knows the importance of having maintenance done regularly on your website, camp one also knows it’s best to have an expert handle all aspects of your website maintenance. Camp two sees the value in WordPress maintenance, but also feel, “I can handle the updates myself”.
Which camp you are in often depends on where you’re at in your business journey.
One common issue I see with my clients and when I’m setting up my Geek In Your Pocket clients is the lack of security on their websites.
Much of this is because you don’t know what you don’t know and as easy as WordPress can be to use, it’s just as easy to fall into the idea that installing a plugin will keep everything secure.
WordPress frequently comes under attack by hackers. WordPress installations around the world are subjected to large-scale brute force attacks everyday. These attacks are caused by networks of infected computers programmed to attack other vulnerable computers, also commonly known as “botnets”. What Is A Brute Force Attack? A brute-force attack is a technique used to break an encryption or authentication system by trying all possibilities. (Source: Chinese University Of Hong Kong) One of the many ways hackers use to try and break into WordPress sites is by trying to guess the site admin’s login username and password. This can be done with software tools that can work through hundreds of login combinations in minutes. If you’re using easy-to-guess usernames and passwords, your website can be easily hacked by the script’s repeated attempts to work out your site’s login details. This is called a “brute force” login attack. Botnets – What Are They? A botnet is a number of Internet-connected computers communicating with other similar machines in an effort to complete repetitive tasks and objectives. This can be as mundane as keeping control of an Internet Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attacks. The word botnet is a combination of the words robot and network. (Source: Wikipedia/botnet) “Botnets” are networks of computers that have been compromised and infected with malicious scripts or software code, which are then controlled remotely as …
In early 2013 a global brute-force attack hit WordPress installations across almost every host server in existence around the world. These attacks were caused by botnets (infected computer networks programmed to attack other vulnerable sites). (WordPress powers millions of websites and blogs worldwide, which makes it an obvious target for hacking attacks) In March 2014, many technology sites reported that over 162,000 WordPress-powered web sites had been hacked. (160,000 WordPress sites were attacked in a massive DDoS attack in early 2014. Screenshot source: BlogDefender website) According to the Cnet report, “With some old-fashioned trickery, hackers were able to get more than 162,000 legitimate WordPress-powered Web sites to mount a distributed-denial-of-service attack against another Web site.” (Source: cnet.com/news/ddos-attack-is-launched-from-162000-wordpress-sites) As reported by security firm Sucuri, hackers had leveraged a well-known flaw to attack unsuspecting WP web sites and direct a distributed-denial-of-service cyberattack (DDoS) towards another popular website. When worldwide attacks happen on WordPress sites, it’s natural for website owners to start questioning just how safe and secure WordPress is as a software for running an online presence. WordPress powers millions of websites and blogs worldwide, which makes it a frequent target for hacker attacks. But should you be concerned about WordPress as a secure platform for building your business website? In this article you will learn some of the main reasons why you should definitely consider choosing WordPress if you are concerned about website security. Let’s start with the facts … Thousands …
Keep ReadingHow Secure Is WordPress? A Guide for Website Owners
Thousands of websites and blogs are hacked every year! Could yours be next? The scale of attacks on websites and blogs worldwide is increasing on a daily basis, and it’s only going to get worse. You can safely assume that if you haven’t been hacked yet, then it’s only a matter of time. On March 11, 2014, technology sites like Cnet.com began reporting that 160,000 legitimate WordPress-powered web sites had been hacked. (Image source: Blog Defender) According to the Cnet report, “With some old-fashioned trickery, hackers were able to get more than 162,000 legitimate WordPress-powered Web sites to mount a distributed-denial-of-service attack against another Web site.” (Source: cnet.com/news/ddos-attack-is-launched-from-162000-wordpress-sites) As reported by security firm Sucuri, hackers had leveraged a well-known flaw to attack unsuspecting WP websites and direct a distributed-denial-of-service cyber-attack (DDoS) towards another popular website. Every website or blog with a vulnerability offers some value to hackers. If you think that the information in your website offers little to no value to hackers, think again. Large, medium and small business sites, personal blogs, government web sites … even web sites owned by online security experts can and have been targeted. If hackers can discover a web security flaw that allows them to take over and control your website or blog, your web site can then be employed as a “bot” to attack other valuable websites. The harsh reality is that malicious bots are looking for weaknesses and trying to hack …