Having your website hacked is similar to coming home and discovering you have been burgled. The sinking feeling in your stomach is the same, but police and insurance companies are not going to help you. It can take days or even weeks to get everything back to normal again if you have not taken adequate measures to protect yourself. If you operate an online business, being offline for any period can have detrimental effects on your business. So what makes your site vulnerable to hackers and what can you do to prevent it happening to you?
Do you still use the easy to remember “123456″ as your password or your pet dog’s name from your childhood? Consider changing that! These days, criminals use automated software that can guess billions of username/password combinations in just seconds. Once a criminal latches onto a server which doesn’t lock them out after a number of incorrect guesses, the software just keeps trying on auto-pilot until they gain access. Consider using a combination of lower case and upper case letters and numeric/symbols. Mix it up, don’t make it personal and use different passwords for different applications.
Keep Software Scripts Current
Regardless of whether you use WordPress or Joomla or anything in between, you should always check and install updates, patches and new versions to software, applications and themes. Avoid random plugins and only download plugins/scripts from websites which you trust.
Keep your PC virus free
Install a reputable all-in-one solution with anti-virus, firewall and anti-spyware solution and keep it current. There is no excuse! However, your actions can also lead to trouble. In short, avoid visiting dodgy websites! Downloading files from non-reputable sites and opening up strange email attachments is as good as leaving your front door unlocked! Criminals often gain access to your hosing account via a Trojan, Virus or Key Logger which was planted on your PC when you visited a website created by the hackers which you assumed was safe.
Insecure FTP (file transfer protocol) connections
FTP is very commonly used to upload and transfer content to your website. One huge issue with FTP is that the server can only handle usernames and passwords in plain text. Once a FTP connection is initiated, the passwords are automatically submitted to an IRC chat room where a master controller accesses the website and starts to infect the website with malware. Furthermore, once someone gains access to your FTP password they can destroy your website. Look into Secure FTP instead or chat to your hosting provider about other file transfer methods.
Third Party Add Ons
Everyone wants their sites to look pretty and have the latest functionality. For example, the plugin directory in WordPress is like going shopping for your website! Make a list of all third party plugins and update them regularly, only install reputable ones. Read reviews, visit the code source site and do your research!
If your site is hacked, keep data loss to a minimum by backing up your entire site regularly and saving all recent backups. Once your host account is cleaned, minimal effort will be required to get your site operating again.
It really is your responsibility to ensure your website is kept as safe as possible and maintained to a level that deters hackers. It is not your host provider or web designer’s responsibility to safeguard your site. Make regular backups, keep your login details safe, stay up to date and do not install components from the Internet from sites which are not known or trusted. If you follow this advice and your site is still hacked, you will at least be in a position to recover fairly quickly. No one is immune from being hacked, so remain vigilant and do not become an easy target.
The Business Butler is the extra pair of hands you need to run your business. We can handle everything from your social media to your blog posts and everything in between. Run by professional mums for other mums in business. We are at your service!
Image courtesy of chanpipat / FreeDigitalPhotos.net