How Protecting Your Site Will Save You Time and Money
Having your site hacked is an experience no one wants. Sometimes it is obvious that something isn’t right and other times it can take some time to discover that your site has been infected and has been spreading malicious code to other sites and users.
So how can you tell if you have been hacked? Here are some signs to look for.
Your site is visibly different
This can be due to several factors.
- Your site’s URL could be redirected to another site, often not family friendly.
- Your site is now promoting items that you did not authorize, such as Viagra.
- Your public site and your admin site now look the same.
- The hacker has displayed something on your site to indicate you have been hacked.
- Your site has been disabled by the host to prevent further infection.
Your site takes forever to load, or it crashes
If you have been hacked, and the hacker is using your site to send out spam emails, it can bog down your site and make it very slow to load.
You notice unauthorized activity
If you notice that new users have been added to your account, or emails have been sent without your authorization, you might have been hacked.
You receive notification
You may receive notice from your subscribers saying that spam emails are coming from your site, or you may receive notice that your site has been flagged for distributing malicious malware.
Being hacked is a frustrating experience that you may or may not be able to recover from. So, what are some steps you can take to prevent this from happening? Here are some tips to help keep your site safe.
Always backup your data
You have spent a lot of time working on your site and making your vision become a reality. Why not protect that hard work by backing it up on a regular schedule. If your site crashes for any reason, you can restore your website using your backup data.
There are many free plugins that you can use to backup your site. When selecting a plugin, be mindful of what it is they are backing up. Some will only backup the database, while others will backup the images and files too.
Prevent brute force attacks by setting up a website lockdown
Lockdowns are important as they prevent hackers from doing multiple password attacks to try to gain access to the site. If this type of attack was to occur, your site would lock down and you would receive notice of the attack. There are plugins available that allow you to set the number of attempts allowed before the site will shut down. Some will also block the hacker’s IP address after the attack.
Update to the latest version of WordPress
WordPress releases updates when they have created patches to fix breaches in their security. By staying up to date, you are preventing hackers from trying to use old issues with the security to gain access to your site.
Change your login and password
If you have set up your own WordPress site, you will know that the default WordPress login is “admin”. By leaving your login on the default settings, you are making your site that much more vulnerable to attack. By changing the default admin to something customized, you will make it harder for hackers to guess.
The next step is to choose a strong password. A good rule of thumb is to select a password that is at least ten characters long, contains upper and lower-case letters, contains at least one number and at least one symbol.
When setting up your login and password, it’s also a good idea to set up two-factor authentication. During installation, the plugins often allow the owner to select which two security measures will be taken for the two-factor authentication. Common combinations are to require the user to enter a password and then do a second step such as answer a security question, choose pictures that contain a certain image, or enter in the characters shown in a box.
Install a security scan
Scans, such as WP Security Scan, will review your site and notify you of any vulnerabilities that are detected. Once you know, you can then take steps to get rid of the vulnerability or to strengthen your security measures.
Change the table prefix
The WordPress database is the most integral part of your site. It contains all your posts, options, plugins, themes, etc.
Just like the default WordPress, admin is “admin”, the WordPress database table has a standard table prefix “wp_“. If you have not changed your table prefix, you are opening your site up to the possibility of SQL injection attacks. The simplest way to solve this is to change the prefix to something more random or obscure. The harder it is for the hacker to guess, the more secure your site will be.
Encrypt your data using SSL
Secure Sockets Layer (SSL) is the standard security technology that creates a link between the browser and the server. This important link ensures that all data passed between the two points remain private and integral.
By obtaining an SSL certificate for your site, you are making it difficult for hackers to either spoof or hack your connection. You are also helping to improve your website ranking as sites with SSL are ranked higher by search engines than those sites without.
To obtain an SSL, you can either purchase one from your hosting site or you can purchase one from a dedicated company and install it separately.
Protecting your site
While it’s not guaranteed that your site will stay off the radar of hackers, taking some precautionary steps will help protect your site from getting hacked. Many hackers are opportunistic and if they see your site as easy pickings, they will try to get in. If you have some security protocols in place to make your site harder to breach, you may be able to prevent an attack from taking place.
In plain terms, WordPress (WP) is simply the top free platform upon which one can create
fantastic fully-featured websites or blogs of any size (best among both free or paid solutions).
Learn more about WordPress here.
***Gain more insight about how to install WordPress & your options.***
If you would like to consider working with us on our Premium or Standard Plans on a ongoing monthly basis, then we can do the job FREE as a trial (with no credit card required and assumes you have a interest potentially becoming a Standard or Premium Plan member . . . otherwise, please use the single one-off job option below).
See here: https://www.wpwebsitehelp.com/#plansandpricing
2. If you only need us to do this one job only, then checkout here for this one-off single job.
See here: https://www.wpwebsitehelp.com/single-one-job/
Our plans can cover ongoing maintenance & annoying regular task items, of which, you should not spend your valuable time! This gives you peace of mind so you can focus your mind on your endeavor. We have you covered whether it is WordPress help or WordPress support for a business, personal, student, education, non-profit, or ministry endeavor.
Would You Like to Get Started with Us?
We would be honored to help you with your WordPress website or blog.
Jolene is a strong operations, compliance, and paralegal manager. She also loves to research and write about business as well as personal topics that help others.
Jolene @ The WP Website Help Team