Close

What I Learned From Being Hacked

Hackers go for an weak and easy target. They search for security holes that can be easily exploited. They often share information with each other about security vulnerabilities, and then write automated scripts to go out in search of people who haven’t patched the holes.
Hackers go for an weak and easy target. They search for security holes that can be easily exploited. They often share information with each other about security vulnerabilities, and then write automated scripts to go out in search of people who haven’t patched the holes.

Several years ago I was running a portal website on WordPress. I’d spent a number of years building a respected podcast network featuring about 40 podcasts, all built on WordPress. When I look back I was really pleased with what I was able to build out of WordPress and it’s plugins, but I had a big blind spot.

Wordfence one of the leaders in WordPress security software mentioned in a recent post the method that hackers use to identify a new WordPress installation and prepare it for hacking in the future. Another security provider says that more than 30,000 websites get hacked every day.

Mine was one of those sites that got hacked and they not only defaced my site, they were able to access every other site on the network. It was a devastating blow to my business and my reputation. My closest supporters were understanding but the reputation damage had already been done. People would send me emails asking “was the site really safe?” It was a question – at that point – that I could only guess an answer to. It was such a frustrating and stressful time.

This experience taught me a valuable lesson in security. Hacking often isn’t about you, it’s about the ego of the hacker. The thrill comes from being able to exploit vulnerabilities – it’s about being able to demonstrate how smart the hacker is to their friends, at your expense. Where do these security problems come from? They often come from sites that haven’t been ‘locked down’ or from code that hasn’t been updated.

Even software code written by the best programmers can have flaws which create security holes for hackers to exploit.  When you have a website built on a CMS like WordPress, you’ll see regular updates to core software and plugins. These updates don’t just deliver improved functionality, they plug vulnerabilities as well. That’s why keeping your site updated is so important.

Just like a bully, hackers go for an weak and easy target. They search for security holes that can be easily exploited. They often share information with each other about security vulnerabilities, and then write automated scripts to go out in search of people who haven’t patched the holes.

By taking simple precautions you can make your site a less attractive target for hackers.  With a strong security plugin and by keeping your site updated you can stand up to these online bullies.  It doesn’t mean that you’ll never be attacked or that hackers will not try to disrupt your site, but it will make it harder for them to achieve their goal.

Taking backups that are stored apart from your website will help you if your site is ever compromised. Being well prepared means your site won’t be disrupted for long, when a security event happens. Before you are attacked you should practice restoring your site from backup – so you know how to do it.

If you don’t feel you have the skills to secure your site, you can have peace of mind for just a few dollars each month. Asporea’s WordPress Protection Plan offers daily backups, core updates and plugin upgrades. We also offer a complementary health check to ensure that your site hasn’t been compromised. To find out more check out our WordPress Protection Plans.

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Leave a Reply

Your email address will not be published. Required fields are marked *

* Checkbox GDPR is required

*

I agree

This site uses Akismet to reduce spam. Learn how your comment data is processed.

6 Actions to Drive More Website Visitors

Recently I had a conversation with a new client about how to bring more people to her website as she was suffering from low visitor numbers. Here are six key actions I suggested as a way to remedy poor traffic.

Website Maintenance – Should you DIY?

Knowing those things that you’re really skilled at is critical to ensuring you are spending your time on the right things.

Why A Shared Server is not Good Enough for WooCommerce

A Virtual Private Server will give you an astonishing boost in WooCommerce speed. Find out how smart clients are getting favourable results right now with Asporea VPS.

GDPR and Doing File Sharing Responsibly

In a world now obliged by European GDPR laws, have you considered privacy when it comes to the use of file sharing apps like Dropbox or WeTransfer?

WAIT! BEFORE YOU GO

WANT TO SUBSCRIBE?