Website Security – How sure are you about your site?

My goal here is to cover some of the basics of website security, in particular, WordPress website security because that is the platform we use for our sites. WordPress websites need the following to be secure:

  • Weekly site backups (real backups in the cloud)
  • Weekly updates of WordPress, themes and plugins
  • Solid, reliable hosting
  • A plan for how to deal with malware

These are all things that almost any organization can do internally, but they are also things that almost every organization neglects. When they are neglected, sites often get hacked. The scary thing is that a site can be hacked without the organization noticing for an extended period. Let me give a few examples of obvious hacks and subtle ones:

Obvious hacks:

  • The site is down
  • The site is showing code at the top or bottom of the screen
  • The site has been modified with a goofy message like “you have been hacked by…”
  • The site has inappropriate / offensive imagery or language on it

Subtle hacks (which are scarier):

  • Some of the links within the site start redirecting to medication websites that could be embarrassing.
  • When you search for the organization on Google, it comes up, but the language about the organization is about selling a particular medical supplement (blue pill) rather than information about the organization.
  • When you search for the organization on Google the link back into the website redirects the user to an online store selling basketball shoes.
  • Someone gets access to your site and subtly posts weird blog posts all throughout your blog without you realizing it for months.

I have personally seen all of these hacks happen. The obvious ones get noticed right away and fixed. The subtle ones can go on for months until a user finally gets pushed to some weird site and then complains to the organization. I confess, I am writing this to scare you.
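One way to catch the search-related hacks above before a visitor complains, as an added example that is not part of the original post: request the same page as a direct visitor, as a visitor arriving from Google, and as a search crawler, then compare what comes back. It assumes the injected code decides what to serve from the Referer and User-Agent headers; the watch list, `check_cloaking`, and the sample responses are constructed for illustration.

```python
import urllib.error
import urllib.request
from urllib.parse import urlparse
BROWSER = "Mozilla/5.0 (X11; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0"
# Assumption: the hack keys on Referer / User-Agent, so we request three views.
PROFILES = {
    "direct": {"User-Agent": BROWSER},
    "from_google": {"User-Agent": BROWSER, "Referer": "https://www.google.com/"},
    "crawler": {"User-Agent": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"},
}
SPAM_TERMS = ("pharmacy", "pills", "viagra")  # constructed watch list, tune per site

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # do not follow 3xx; it surfaces as HTTPError below

def live_fetch(url, headers):  # returns (status, Location, body), redirects not followed
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(urllib.request.Request(url, headers=headers), timeout=10) as r:
            return r.status, None, r.read(200_000).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, e.headers.get("Location"), ""

def _host(url):
    h = (urlparse(url).hostname or "").lower()
    return h[4:] if h.startswith("www.") else h

def check_cloaking(url, fetch=live_fetch):
    """Compare the page as seen by each profile; return a list of findings."""
    seen = {name: fetch(url, hdrs) for name, hdrs in PROFILES.items()}
    direct_body = seen["direct"][2].lower()
    findings = []
    for name, (status, location, body) in seen.items():
        if location and _host(location) not in ("", _host(url)):
            findings.append(f"{name}: HTTP {status} redirect off-site to {_host(location)}")
        hits = [t for t in SPAM_TERMS if t in body.lower()]
        if hits:
            cloaked = name != "direct" and not all(t in direct_body for t in hits)
            findings.append(f"{name}: spam terms {hits}" + (" (hidden from direct visitors)" if cloaked else ""))
    return findings

# Constructed responses imitating a compromised site, so the check runs offline.
def sample_fetch(url, headers):
    if "Referer" in headers:
        return 302, "https://shoes.example.net/sale", ""
    if "Googlebot" in headers["User-Agent"]:
        return 200, None, "<title>Cheap Pills Online</title>"
    return 200, None, "<title>Our Organization</title>"
```

Run `check_cloaking("https://your-site.example/")` on a schedule against your own pages and alert on any non-empty result. An empty result is not proof the site is clean, since injected code can also key on the visitor's IP address or cookies.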

To maintain the integrity of your WordPress website you must do one of two things: either commit to a weekly regimen of maintaining and updating your site and do it without fail, or pay someone to do it. If you don’t commit to one of those options, your site will be in danger.

As much as you might like kitten videos on YouTube, waking up to a homepage full of kitten videos because a hacker was bored last night is no fun.