“An ounce of prevention is worth a pound of cure” – Benjamin Franklin
Recently a company brought me 7 hacked WordPress websites, UUGGHH!!! This was no easy task and it took a week to get all sites cleaned and secure. The thing to know is; this could have been avoided with a few simple regular maintenance activities. Here are the steps to avoid being hacked.
Backup, Backup, Backup!
Installing a reliable backup plugin with scheduled backups that will sent them to an offsite location is key to being able to quickly restore a site that has been hijacked. There are expenses involved, but they are far minimal when compared to the cost of having your site blacklisted by a browser and the work it takes to get it back to a secure state. iThemes BackupBuddy is the plugin I recommend, it is simple to configure and the restore/migrate makes life so easy when a site needs to be restored quickly.
Install a Security Plugin
Installing a security plugin is crucial these days. While the open source nature of WordPress is wonderful for giving flexibility to the platform, it also allows for vulnerabilities. iThemes Security is a premium plugin but well worth the annual licensing fee. It is fairly easy to configure and iThemes support is excellent. There are some free security plugins, I am sure they work well given their popularity but I cannot speak from experience. Nonetheless, they could be a good place to start.
Update Regularly
WordPress and the many plugins are constantly pushing out updates to keep the software up-to-date with known bugs and issues. It is important to install these updates regularly. Always make a backup first just in case an unknown issue occurs with an update, you can quickly restore the site to its state immediately prior to the update.
Manage Users
Adding users to access the backend of the website is easy, but should be considered carefully. Keeping the number of admin users to a minimum. You also want to make sure that anyone logging into the site does so from a virus protected computer. And that they use a strong password (this something a security plugin can enforce).
Maintaining the integrity and security of your website is key to keeping the initial impression your clients and potential clients have when looking you up on the internet. If this seems like more than you are willing to take on yourself, no to worry kolbeco can provide hosting and ongoing maintenance support of your website. Just give us a call!