It’s
a nightmare scenario. You go to your website only to find a nasty
message from a hacker bragging about hacking your site. And nothing
else. As far as you can tell your content is gone and you can’t even
find a way to log into your Website, WordPress OR Blogspot dashboard.
Would your business survive your website being shut down, even temporarily?
Have You Really Been Hacked?
A
lot of times people come to me saying, “My site’s been hacked,” when it
really hasn’t. With Blog sometimes plugin conflicts can cause issues
that seem to the user like a hacker has messed with something. This is
most common when upgrading to a new version of blogging services if a
plugin hasn’t been made compatible with the new version yet.
While that can cause your site to crash, it’s not caused by hackers.
Not
only that, but most of the sites I’ve seen that have been hacked
weren’t just taken down by them. Most of the malicious hacks I’ve seen
involved injecting some code into the site, usually with the end goal
to redirect site traffic to some other website.
The Symptoms
Without
going into the details, it case was a little different. the
site actually showed an all white screen with an error message along
the lines of a plugin conflict and the hacker just wanted to crash her
site. Turns out he was into stealing something else.
Here
are some things you can do to minimize the chances you’ll end up
getting hacked and maximize the chances to fully recover quickly should
your site crash (for whatever reason).
1. Use Strong Passwords.
Make
your passwords not only hard to guess, but make them more difficult for
sophisticated hackers to break as well. Randomly mix in special
characters (found on the number keys with the shift button) as well as
numbers and upper and lower case letters. Here’s what Wikipedia says
about password strength.
Almost
all Websites & blogging services cPanel will tell you how strong
your password is. Stronger passwords offer better protection.
It also makes them harder to type in. That’s why I use 1Password to manage my passwords. I
can use really strong passwords and I don’t have to remember them or
type them in. 1Password will auto fill web forms for me. It’s the best
of both worlds: good security & user friendly.
2. Keep Your BLOG/Website Updated.
One
of the most common ways websites get hacked is because their owners
don’t keep their software up to date. What happens is that older
versions of WordPress can have know security weaknesses. These
weaknesses are fixed by newer releases of the software.
But if you don’t update your software, you leave yourself exposed.
This
also holds true with plugins and themes. Besides, the newer versions of
websites make keeping everything up to date remarkably easy. There’s
not much of an excuse to keep you from updating things.
3. Backup Regularly and Often.
A
good backup can cover for a ton of other issues by making it possible
to revert back to how things were before your site crashed. You need to
back up your
- Database
- Theme Files
- Plugins
- Media Uploads
- But the point is backup early and backup often!
Bottom Line
I don’t believe any site is completely “hack proof.” A determined hacker with enough resources can break into most anything. Just watch an episode of NCIS!
But
if you do these three things you will greatly reduce your risk of being
hacked and make it much easier to recover if you do run into a problem.
No comments:
Post a Comment