Your Website Is a Target for Hackers
Most website hacks are automated. Hackers use bots to constantly search the web looking for targets. They don’t care who you are, or what your website is meant for. What matters is if it’s vulnerable.
What Makes a Website Vulnerable to Hackers?
- Outdated or otherwise vulnerable plugins, themes or software
- Weak passwords
- Vulnerable hosting
How To Keep Your Website From Getting Hacked
- Keep all plugins, themes and other software up to date
- Always use strong passwords
- Use a secure web host
(see Deciding on Hosting for Your Website)
Besides the basics above, these proactive steps will keep your website secure.
- Regular scans to monitor for intrusions
- Constant uptime monitoring
- Proper SSL / HTTPS configuration
- Regular, secure off-site, complete website backups
What To Do if Your Website Is Hacked
If you’ve followed the steps above, your website should be secure. However if somehow you do end up with a hacked website, the best solution is to restore a complete website backup made before the hack. It is crucial that the backup is from a remote, secure location to ensure the backup itself wasn’t hacked.
When I say “complete” that means you should be replacing every file on the server. Hackers love hiding files all over the place so just restoring some of the website isn’t enough. After the pre-hack version of the website is restored you need to conduct a security audit to determine how the hack may have happened. Otherwise there’s no reason you won’t get hacked again.
If you don’t have a secure, complete backup ready to restore from you are looking at a long, difficult and costly process to get your website back.
I apologize for any fear mongering but I’ve seen this happen way too often. If you have any questions about website security, or anything else, please contact me here.