There seems to be a general complacency surrounding website security and it almost certainly stems from the idea that hackers are not interested in your website. Unfortunately, this couldn’t be further from the truth.
>> Can’t be bothered to read this? Jump directly to the FIX
Wait, What!
Getting hacked can DESTROY YOUR BRAND, cost you $1000’s in lost revenue, and cause you to endure extended downtime and costs.
If I had a dollar for every excuse I’ve heard as to why WordPress website security is not a priority, I’d have like $64 🙂 Okay, seriously, do any of these sound familiar – You know who you are.
“Nobody would want to hack our site”
“Our website is just wallpaper”
“We don’t store any user data on our website”
“Our hosting provider takes care of our security”
“WordPress is already secure” …
Let’s look at why WordPress (and WooCommerce) websites are targeted and why hackers even bother.
Why WordPress
WordPress enjoys over 40% of all websites on the internet. This makes it a prolific platform distributed across the globe and encompassing every conceivable industry. This means WordPress is low-hanging fruit for bad actors. Hackers attach sites for a variety of reasons, including:-
- Spreading malware
- Adding redirect malware
- Adding spamvertising
- Black-hat SEO
- Bandwidth hijacking for BotNets to perform DDOS attacks on select targets
- and more
Why Do Hackers Bother
WordPress is ubiquitous
Being so popular with such a large software development community, and providing free functionality, is the reason so many companies opt for WordPress, it’s also the reason hackers target it with a high degree of success.
THOUSANDS of free plugins and themes
The WordPress core is generally very secure and incredible well maintained. The core development team regularly issues security updates that plug holes and improve the overall security of the core. Unfortunately, you can’t build a meaningful website using only the WordPress core – you are going to need to add a few plugins and probably a theme or page builder.
Unfortunately, many plugins and themes are not well written or maintained – leaving your website vulnerable to bad actors who are well-schooled in the art of exploiting poorly developed software.
So What’s the Worse That Can Happen?
Getting hacked can result in a number of outcomes all of which are bad for you, your customers, and your brand.
- It could cost THOUSANDS of dollars to remediate
- Getting hacked can DESTROY your brand
- You could lose $1000’s in sales and services
- Customers could be faced with redirection, defacement, or a non-functioning website
- Google could detect multiple Search Console errors
- If you are using shared hosting, your provider could close your account
- Your users and their data could be compromised
- You could run afoul of The California Consumer Privacy Act (CCPA), or The General Data Protection Regulation (GDPR).
- It could take weeks to recover
- White Screen of Death
Why It’s Important To Care and What You Can Do
Okay, so you made it this far.
Take a look at the list below. If you can answer ‘Yes’ to any of these questions, then taking care of your WordPress Website Security needs to become a priority for you.
- Are your brand and reputation important to you?
- Is your website mission-critical?
- Are you managing a WooCommerce shop?
- Do you store user data such as credit card information, names, and addresses?
- Are you running an Association/Membership website?
What can you do?
- Get The Best Hosting you Can Afford
- Secure Your Accounts
- One of the simplest things you can do is to ensure all the accounts associated with your website are adequately secured with strong passwords
- Add 2-Factor Autentication
- Enforce secure password practices
- Back-Up Regularly
- Update, Update, Update
- Monitor Website Activity
- Activity log
- Set up a Firewall
- Segment Your Internet Environment
- Set up a Content Security Policy
Get Full-service Website Security – ProACTIVE X E2M
If all this do-it-yourself website security looks like a lot of work that’s likely to cut into your other business activities or if you feel you don’t have the skill set to adequately select, install, configure and maintain the tools and services needed to be successful, then consider ProACTIVE X E2M. ProACTIVE is a full-service, subscription-based website security service for WordPress & WooCommerce, protecting mission-critical websites from bad actors.