Select Page

How To Protect Your Website From Getting Hacked And Other Nightmares

Over 100,000 Sites Get Hacked Every Month – What You Can Do To Protect Yourself?

How To Protect Your Website From Getting Hacked And Other Nightmares: Imagine this. You get up one morning to check your website {I have 5}. And it’s not working at all. In fact, the page where your beautiful website used live is replaced by a message from your web hosting company that its Forbidden or Not Available. Or worse yet, the page that used to display your website has been replaced by a Google warning, the page the color…blood red, warning viewers that the site contains Malware and has thus been blacklisted.

Heart palpitations ensue. Panic attack. WTF?

How To Protect Your Website From Getting Hacked And Other Nightmares

“Hackers don’t care that all or part of your living is made from having your website up and running 24/7”

The Ugly Truth About Hacking
Truth be told there is no 100% effective way to protect yourself from being hacked but there are several prudent steps you can take to protect yourself for your sites being hacked. And I can tell you first hand. I’ve had all 5 of my sites hacked twice. Once in July and another time last week. Let me tell you its a serious pain in the ass to get everything up and running again. While I don’t claim to be an expert you can learn from my mistakes and my victories and steps I’ve taken so that this will not happen in the future. And if it does happen again, what YOU can do to protect yourself. It’s estimated that on average, 100,000 sites get hacked every month. Look at the recent hackings that compromised customer data: Yahoo 500 million accounts, compromised, Ebay 1.5 million accounts, Target 110 million, Home Depot 109 million, JP Morgan 83 million. Hackers gain access to credit card numbers, date of birth, email addresses, physical addresses, and finally login credentials. To see a MIND BLOWING graphic, visit the Information Is Beautiful page and get an eye full of some of the world’s largest company hackings. The ugly truth about hacking. If there is data that hackers want, they’ll get it. Hackings {like terrorism} will continue to be more and more prevalent. But there are things that you can do to protect your websites from being hacked, or at least from being completely compromised to the point that there is nothing you can do to save them for the malicious code that hackers insert into your website root directories. The worst case scenario is that your site will be a pile of garbage code and you’ll have to start from scratch. If you’ve worked on your site / blog for years, you could be faced with losing 1, 3, 5 or even 7-10 years worth of blogging or website / blog development.
Hackers don’t care about you. They don’t care about the amount of work you’ve put into your site. Hackers don’t care that all or part of your living is made from having your website up and running 24/7. Hackers don’t give a rats ass that website houses your online portfolio.
What Steps You Can Take To Protect Yourself From Being Hacked
*I’m a WordPress user, but the info below is applicable for all websites.

  1. Assume you will eventually get hacked. Takes these steps to preserve and protect your data.
  2. Make sure to do a daily, weekly or monthly backup of your website. The more your blog, write or code your website, the more you need to back it up. If you don’t administer your website yourself, you’ll want to instruct your webmaster to back it up for you. Don’t assume he/she is automatically doing it for you. I’m using Updraft Plus to backup my sites. Additionally, I go into my servers myself and do a complete backup. Then download it via FTP to several onsite drives so that I have multiple backup copies.
  3. Update your WordPress software, update your WordPress Plugins and delete all WP plugins that are deactivated. Outdated WordPress software and WP Plugins are a common way for hackers to gain access to your website.
  4. Use a Password software to generate insanely complex passwords: Some suggestions for password software are 1Password and Dashlane. There are many more but these would be my two picks. Do Not and I repeat, Do Not use the same password twice for any other login credentials. For instance use a different password for your WordPress site and another for you servers etc.
  5. Keep your email account separate from your website. What I mean by this is Do Not have your email hosted on your website server. I use Google – Gmail for business, and pay a monthly fee of $4.99. This way if my website servers go down or if my websites are ever hacked my email will not be compromised. If your email account, sarah@mybusiness.com is ever hacked or the server melts down [and there is no redundancy] your email is always up and running. In the years since I’ve been using Google for business Gmail, I’ve never noticed an outage with my email.
  6. You should not have multiple sites on the same server. This is a big mistake that I made. If a hacker can get into one site or the primary domain, they can access all other accounts. I recommend hosting each of your websites on separate servers.
  7. What to do when you get hacked. After going through a list of companies, recommended by my hosting company and by my own research on Google I wasn’t able to find anyone that I trusted to do the job. None of the companies that I called picked up the phone. That is until I reached Mike at 911 Website Repair. Mike promptly picked up the phone. After explaining to him what had happened he told me he could handle it for me. Quoted me a price that was a third of what all the other companies had quoted me. Mike and 911 Website Repair was constantly in contact with me keeping me updated on their progress and they have a great online ticket system where case updates are posted and you can add info and reply to update statuses.
  8. Consider using a firewall. If you have only one website this may be overkill. But if you are like me and have multiple websites I recommend a firewall. My second hacking this past week was pretty bad. It happened on a Thursday and took until Monday night to get fixed. I had the dreaded Malware warning posted above. That’s five days with a downed website. In my case 5 websites. Not pretty. Mike suggested adding a firewall to protect my sites. There is a yearly fee for the firewall, but its peace of mind for me and 911 Website repair promises that if a hacking were to happen that they’d fix it/them for free when using their firewall.

I hope you never get hacked. But if you do, and you’ve followed the steps above, at least you’ll have a clean backup copy that can be reinstalled. If the hacking is bad enough and you don’t have a back up copy you may need Mike’s help at 911 Website Repair.