Fetch & Funnel | WordPress Security – Your Site is Less Secure Than You Think
57474
post-template-default,single,single-post,postid-57474,single-format-standard,qode-core-1.2,ajax_fade,page_not_loaded,,pitch-ver-1.8, vertical_menu_with_scroll,smooth_scroll,grid_1300,woocommerce_installed,blog_installed,wpb-js-composer js-comp-ver-5.0.1,vc_responsive
WordPress_Security

WordPress Security – Your Site is Less Secure Than You Think

WordPress is one of the most hacked platforms on the planet. Your
chances of having a security breach with a WordPress website is
much higher than a plain HTML website or a customer CMS website.
It’s not because WordPress itself is insecure – In fact, WordPress
is extremely secure from a pure security standpoint. It’s because
of the nature of WordPress.

 

By nature, WordPress works through add-ons. To make the most of a
WordPress site, you need to use a variety of plugins as well as
themes. The real security vulnerability of WordPress comes through
these plugins and themes.

 

How Most WordPress Sites Get Hacked

 
WordPress sites get hacked when hackers discover a security
vulnerability in a plugin. It’s often not difficult to locate
thousands of sites running that plugin once an exploit has been
discovered.

 

For example, let’s say a hacker finds an exploit in a plugin that
adds a Facebook “like” button to people’s websites. He can just use
unique identifiers (called “footprints”) left by that plugin to
Google all the sites running that plugin.

 

Backdoors and More

 

What happens when your site gets hacked?

 
First, what most hackers do is install backdoors. These ensure that your site will “hack itself” should you ever try to fix it. Often time’s your PHP files, your database, your htaccess file and even your chron jobs can all be infected with backdoors.

 
Second, your hacker will do something with the site itself. They
might redirect your traffic, deface your site or use your site for
another attack.

 

How to Secure Your WordPress Site Against Attacks

 
So how do you secure your site against attacks if you’re not a
computer security expert?

 
The solution is actually relatively simple. Start by installing
“Better WP Security,” the top (free) WordPress security plugin.

 
This plugin will protect your PHP files, lockdown your htaccess
file, backup your database and regularly keep backups of your site.
Should your site get hacked, you can easily restore it from
backup. It’ll harden your security all around.

 
There are still aspects of your security that Better WP Security
can’t handle, such as your server security and your file
permissions. If your WordPress installation was done properly and
you’re on professional hosting, by and large, you can assume these
are handled.
 

If You Get Hacked, This is What to Do

 
The best way to repair a hacked site is to head over to eLance and
find a professional who knows what they’re doing to help repair
your sites. For between $50 to $200, depending on the extent of the
breach, you can find a qualified expert to help you remove all the
backdoors and patch the holes through which the hacker got into
begin with.

 
Unless the hacker deleted your site, generally you’ll be able to
recover everything and set your site back on course.

 

Would you like more digital marketing tips that are custom for your business? Call or text us for a free evaluation and ideas!

Samir About the author

Samir’s insatiable appetite for digital marketing and experience and desire to help businesses succeed and grow brought him to found Fetch & Funnel. Samir has run successful campaigns for businesses of all sizes. He’s consulted and assisted on marketing for some of the largest brands in the world. He believes there is not a one size fits all method of marketing as well as there can always be more a/b split testing!

No Comments

Leave a Comment: