Am I really at risk of being hacked?
Yes, you are at risk for a hacked website.
It’s not always super likely but it’s more common than you think.
Why would someone hack my website? My website is new / my business is small / I’m insignificant.
The short answer is because they can.
The long answer:
Your website isn’t spammy. You don’t have loads of links or pages that try to steal visitors’ email addresses, bank details, social media logins etc.
You don’t spam, or steal details and this makes you shiny and brilliant. You’ve created trust on your website and you’ve cultivated a strong, positive, online reputation in the world of websites.
By hacking your website, someone or something can install malware, try to ‘phish’ for people’s personal information, and redirect your links to spammy websites. Sometimes that redirect means websites that are morally questionable and definitely not suitable for work!
If you’re new or just a small business then you’ll be getting traffic and traffic is a gold mine for those with ulterior motives!
Security:Basic security is so important.
It doesn’t take much to implement. And it’s usually enough to deter casual hackers, bots, and opportunists.
Usernames and Passwords
Make it harder for others to hack your website. You can do this by reviewing basic security and tightening up simple things like your login details. Your username should not be:
- Your first name, last name or full name
- A name listed on your website (your team etc.)
- Your business name
- The email address listed on your website
Your password should be secure. You can try different combinations of random words, letters, numbers and symbols. The best way is to use a secure password generator. Programs like Lastpass have secure password generators installed.
By securing these things you make it more of a challenge for someone to casually hack your website.
Install Security Plugins
Choose a security plugin that makes sense for your business. Most will help block attackers using their IP addresses (the online identifier). This means they won’t be able to see your login page!
Some plugins are more complicated than others, but a solid Google search will help you find the right one for your website.
I love WordFence (this isn’t a paid advertisement!). Wordfence, in particular, sends an email when an admin logs into your website and they provide weekly updates on how many website hacks were attempted.
Update Plugins, Themes, and WordPress
Update your site. The plugins and themes you use are written by real people and mistakes happen, loopholes crop up, and things can become outdated. The good plugins and themes release regular updates to help keep them secure.
And if it’s not a human error in coding then it’s improved attackers. The online world changes constantly, so developers often update their plugins and themes to match trends and developments in cybersecurity. Updating your WordPress website just makes it that bit harder for someone to hack into it.
Reputable Plugins and Themes Only
Also, check out the plugins and themes you buy or install. Not all are made equal. Imagine that you’d put all this work into transforming your website into a secure online space only to download a dodgy plugin giving access to people who wanted to hack and use your site for unsavoury deeds! Be sure to research your plugins before installing them.
Make sure they offer regular updates. Most of the time, their plugin pages will tell you the last time they updated. You’ll want to make sure that they updated within the last 6 months at least.
Thinking “Why Would Someone Hack My Website?” Is A Waste Of Time.
It’ll Never Happen To Me
The Cost of Security Breaches
Not updating your site costs money. But that cost is relatively little in terms of other losses you will face. This is particularly true on a WordPress site.
If someone hijacks your website and uses it for spam you could be blacklisted on search engines and social media. That’s a huge loss to your business.
It’s also important to remember the loss of confidence your visitors (and advertisers) will feel if your security is breached. Especially if your breach involved data, malware, or spam in some way.
You’re harming more than just your cheque book.
It’s well worth the hour a month it takes to do updates and the 10 minutes it’ll take you to change your password. You can maintain your website easily and efficiently.