WordPress owners: Update your website security to avoid hacking attempts

Jan 24, 2016

WordPress HackersWe are all busy with new clients and new opportunities this January. But unfortunately in today’s world we are facing more and more attempts to invade our world and our privacy. WordPress website owners must stay on top of security issues by updating the website on an ongoing basis. Hackers are working diligently, trying to access or websites.

The danger of outdated software plugins:

One of the top methods used to hack WordPress sites is through outdated plugins. Stay current with your plugin revisions to avoid this security breach. We’ve all work hard to improve our brand and nothing is more stressful than to discover our online presence has been compromised. Since millions of people are now using WordPress, hackers are taking notice.  As a design company we take special care to add the most current forms of security to all WordPress projects during the design process. However, once the site is launched, security updates cannot be ignored and must be continued by the client. The hackers, (black hat community) are constantly working on new ways to compromise websites and so it goes. It is a never-ending battle for website designers and for site owners to stay ahead of these internet bad guys.

Custom design versus WordPress: Which has proven to be a safer option:

Although custom design and programming has the best track record for being safe from hacking attempts, a majority of our new entrepreneurs are choosing WordPress platforms. They are making this choice based upon the content management capabilities. They prefer to be able to edit the site themselves, rather than paying a developer to enter simple text. WordPress is also more cost-effective than custom sites.
WordPress designers are able to customize these sites to a high degree so that their appearance is a one of a kind end result. Once the site is developed and launched, the client takes over as an editor. A word of caution to those who think they can easily purchase and download a WordPress template (without any programming knowledge and expertise). These folks will soon find themselves disappointed with the result. Additionally, WordPress developers add important safety measures during the design process. These additional steps are necessary to cover any security vulnerabilities in the WordPress template.

Taking over a WordPress site already in progress to add security:

We get many requests to takeover and add security measures to a WordPress site already in progress. In most cases, we have found that once someone else has worked on the WordPress platform, it has already been compromised and we need to start all over again. The client (unknowingly) may have deleted important coding which makes it impossible for us to salvage the current platform. Starting right is the best option. Contacting and hiring an experienced WordPress developer will save money and ensure you will be happy with the website. Otherwise, the WordPress site may appear to be a generic template commonly shared with other companies.

Hacking MethodsMethods used by hackers:

  • Embedded Code:  Malicious code can be embedded into the html source code to steal passwords and other data.
  • DOS attacks:  Denial of service means the hacker will bombard a website with millions of requests making it look like they are legitimate visitors to the website.
  • Bruce-force attack:  Hackers use a software program and try to guess your user name and password. Choose complex passwords to ward off this attack.
  • Code injection:  It is important to have a validation code included in your online form sometimes called “CAPTCHA”…. Prevents hackers from inserting malicious code.

Can hackers ever be completely stopped?

Unfortunately, at this time there is no sure way to protect websites from hackers. We strongly urge you to keep all website software up to date. Additionally, we suggest that you work closely with your developer, and keep a back-up of all files. We back-up our client files at least twice a month. Remember that these bad actors are always searching for vulnerabilities. If your site is hacked, you need to determine exactly what vulnerability allowed them to access the site. Once you find out how they got in, you can remove the affected files, re-load a clean copy of the site, and improve the security methods.
Thanks for stopping by and visiting with us. Stay connected for all things “design.”
Jean Holland-Rose
SEO Professional


Show Buttons
Hide Buttons