Email: help@fixyourwebsitenow.com

Phone: 617-365-2412

FYWN Blog

How To Secure Your Business Website From Hackers

With continuing cyberattacks resulting in ransomware lockdowns of websites and intranet systems all over the world, the security of your data has once again come to the forefront of current affairs.

Yet, if you value the sensitive data that is the lifeblood of your successful business, security should never be far from your mind. You need to be sure that you’re doing everything you can to protect your website and the information it contains.

Although there is no such thing as 100% protection from hackers, there are steps you can take to improve your security and protect your data. One of the easiest steps to take is to utilize a Content Management System (CMS) to power your website. And one of the most popular CMS platforms for small business is WordPress.

The popularity of WordPress (driving more than 42% of websites, and 63% of those that use a CMS) means that it is constantly improved upon, with many new plugins and themes developed regularly as well. With WordPress, you have a vehicle to keep you ahead of malicious attacks better than sites without one.

Sounds perfect, right? Well, there is one thing to consider: If you’re not updating your WordPress application and associated elements as they evolve, hackers can use them against you, and that same vehicle will drive your website into a proverbial ditch.

How are hackers able to access your site? It is due to the nature of WordPress and other CMS platforms being open source. When developers update the WordPress application or a related element, they will publicize the changes/improvements for anyone to see, in order to help you update your site. However, this update also goes out to the bad guys, who use this information to determine what vulnerabilities exist in previous versions. Then these bad guys release web crawlers into cyberspace to find WordPress sites that are not updated, and exploit those vulnerabilities.

And before you can say “WannaCry”, your site is hacked. What happens after that is usually not good; your website could be held for ransom, used as a spam generator or even as a launchpad to infect other websites.

The security of your website, alone, illustrates the importance of updating its functionality. Yet, the amount and frequency of updates that are developed can make maintaining your website by yourself incredibly time-consuming. So how can you make sure your site is updated and secure?

Many themes and plugins have the ability to automatically update, which is one possible way for you to make updating your site easier. But, while Auto Update is a time saver, this process presents its own risks. While one element may update, others may not have caught up, creating incompatibility conflicts that can crash your website – or worse yet, lead to security breaches.

Crashes and security threats are terrible, but just two of many issues that can arise. In our own experience with clients and colleagues, we’ve seen other strange problems result from the use of Auto Update….

PayPal Conflicts
About a week before Christmas, a shopping cart plugin on an eCommerce website was automatically updated, which somehow caused the PayPal link between the eCommerce site and the processor to be disconnected. To the site visitor/shopper, the transaction looked like it processed, but the merchant/site owner was never notified, nor were the funds transferred. The result? Every person that week who used PayPal to order something ended up ordering nothing. Not only were the buyers left without a Christmas gift, the merchants lost significant revenue during their busiest time of year, as well as the opportunity for happy, repeat customers later.

Video Playback Issues
On another website, a slideshow plugin automatically updated, causing a video from YouTube to completely fill the background of the site’s homepage, rendering all black text on the page unreadable. Ironically, the site did not even use a YouTube video, but due to the presence of the plugin, the Auto Update error caused significant issues. The site was now unusable and unreadable, especially to new visitors who did not know the company, not to mention making their firm look unprofessional to anyone who did know their brand.

To summarize, not maintaining the functionality of your Website CMS can result in:

  • Your website being hacked and infected with ransomware, spambots or other viruses
  • Functionality conflicts that will crash your website
  • Other conflicts that can lead to functional errors, angry customers and pure, unadulterated embarrassment

Of course, trying to maintain your website on your own is a challenge for you – after all, you have a business to run! And if you’re not an expert in whatever CMS you’re using, you could very well make things worse, not better.

You invest in your home to maintain it, as well as your car. Why not your website?

If you’re not comfortable with technology, or just too busy to be bothered with following the steps to backup, test and reset errors caused by Auto Update, consider hiring a third party to maintain your greatest business asset. It is a sound and wise investment. For a considerably small cost, your ROI will be immeasurable – and your website will run at 100 MPH.