Secure Your WordPress

Around the world and here in Australia, more and more WordPress based web sites are getting hacked and compromised. This often results in sites being defaced and/or malicious software being installed to send SPAM or distribute viruses and malware to site visitors.

For business owners, web developers and hosting companies, hacked and compromised WordPress based sites have become a steadily increasing problem.

Why is this?

With WordPress now being the most popular web site development and CMS (content management system) platform in the world – with over 60 MILLION users – it is a highly attractive target for hackers.

Hacking an insecure WordPress site is also not very difficult, and there are many automated tools out there that scan for insecure sites.

With the Internet being such an important part of modern business processes, web site and I.T. security is fast becoming a priority.

So how are sites “hacked”?

1) The number one reason a WordPress site gets hacked is due to site owners failing to update or maintain their WordPress software installations.

Once a security flaw is discovered in either the core WordPress software or installed “plug-ins”, it must be “patched” and upgraded to close the hole that allows a site to be compromised.

The problem here is that many WordPress site owners don’t often check their installation for upgrades, or ask for assistance if they notice an upgrade is available.

Often it is the web developer who is expected to maintain the site and its software, though without a formal agreement or a regular WordPress maintenance service in place, this “expected” maintenance is often not performed.

This type of “non-maintenance” hack is usually seen with cheap overseas or “fly by night” operators.

If you have a WordPress site, make sure you are either maintaining upgrades or have a service provider that is maintaining your site software and security.

Cyanweb provide WordPress Security Services and can monitor and maintain your WordPress installation, keeping your site backed up and secure from threats.

2) The second most often exploited hack point is directly via themes or plug-in extensions that were installed either by the developer or by the site administration user after development.

Inexperienced developers or site admins will often install whatever they find online that promises to do what they want to do on WordPress. This is a dangerous practice, as often a hack script or backdoor access is installed onto a site without the owner even knowing it.

Be sure you know and trust your developer, as well as the “plugin” or “theme” provider, before installing. The fewer “plug-ins” your site uses, the more secure your site will be…

Cyanweb provide maintenance and security for WordPress based sites and can inspect your WordPress installation for potential security threats as needed.

3) The third, though less common, hack is simply “brute force” guessing of an insecure administrator account’s password.

This happens when online hacker “bots” attack a WordPress login page with millions of username / password combinations – though generally they go after the username “admin”.

If your WordPress site has a username of “admin” or “wpadmin” on it, be sure to request your developer to change that as soon as possible!

If your developer is no longer available, Cyanweb can help you regain control of your site and services.
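The login-page bots described above leave a very visible trail in the web server’s access log: the same client POSTing to wp-login.php over and over, getting the login form back (HTTP 200) each time instead of the redirect (HTTP 302) a successful login produces. As an added example that is not from this article and is not a Cyanweb tool, the POSIX shell function below counts failed login POSTs per client IP and prints every client at or above a threshold. It assumes the Apache/nginx “combined” log format; the log lines and the threshold of 5 are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original article: flag clients that hammer the
# WordPress login page. Reads a "combined" format access log on stdin and
# prints every IP whose failed POSTs to /wp-login.php reach THRESHOLD.
# The log lines and the threshold of 5 below are constructed for the demo.

# Constructed sample log: 203.0.113.7 sends 6 failed login POSTs, 192.0.2.9
# sends 5, and 198.51.100.4 is an ordinary visitor who logs in once (302).
SAMPLE_LOG='203.0.113.7 - - [10/Oct/2023:13:55:30 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:31 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:32 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:33 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:34 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:35 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Oct/2023:13:56:01 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:56:02 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:56:03 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:56:04 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "python-requests/2.31"
192.0.2.9 - - [10/Oct/2023:13:56:05 +1000] "POST /wp-login.php HTTP/1.1" 200 3854 "-" "python-requests/2.31"
198.51.100.4 - - [10/Oct/2023:13:57:10 +1000] "GET /wp-login.php HTTP/1.1" 200 3854 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:57:20 +1000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:57:21 +1000] "GET /wp-admin/ HTTP/1.1" 200 45120 "-" "Mozilla/5.0"'

# wp_login_offenders THRESHOLD   (log on stdin)
# In combined format $1 is the client IP, $6 the quoted method, $7 the request
# path and $9 the status. WordPress answers a failed login POST by redisplaying
# the form (200) and a successful one with a redirect to wp-admin (302), so
# counting only the 200s counts failed attempts.
wp_login_offenders() {
    awk -v limit="$1" '
        $6 == "\"POST" && $7 == "/wp-login.php" && $9 == "200" { fails[$1]++ }
        END {
            for (ip in fails)
                if (fails[ip] >= limit)
                    printf "%d %s\n", fails[ip], ip
        }
    ' | sort -rn
}

# Demo: list clients with 5 or more failed login POSTs, busiest first.
printf '%s\n' "$SAMPLE_LOG" | wp_login_offenders 5
```

Run it against a real log with `wp_login_offenders 20 < /var/log/apache2/access.log` (path and threshold are yours to adjust). The output is a starting point for a firewall deny list or a fail2ban jail, and a quick way to confirm whether the “admin” username is actually being targeted before renaming it.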

What WordPress security is available?

There are generally 2 levels of WordPress security – server level and installation level.

At the server level, intrusions and hacker activity can be detected and blocked using web application firewalls such as ModSecurity, and file scanning software can detect known hacker scripts installed on the hosted site.

While effective under certain circumstances, server level security can only do so much to protect a WordPress site. If a web site is hackable at the installation level, generally there is little that can be done at the server level except to identify a hacked site after it has already been compromised.

At the installation level there are 3rd party plug-ins available that will scan and protect your site in various ways – though these should always be managed by an experienced WordPress security expert.

WordPress security plug-ins provide varying levels of security: from blocking brute force attacks, notifying you when software updates are available, to automatically running updates for your software.

Do keep in mind that software updates can break things, so it is always best to have an experienced web developer or WordPress admin manage your updates so they can test and fix any problems that may arise. Always back up your site before running any software upgrades!

Also, just installing a “security” plug-in won’t stop hackers and does not mean your site is secure. Experienced hackers will install back-door software on WordPress sites that can only be detected through human forensic investigation of site files.

What do I do if I’ve been hacked?

Unless you are a WordPress security expert or experienced web developer you are going to need help repairing your hacked site. Hosting companies will generally shut down a compromised site, often without any notification to the site owner, as a hacked site represents a risk to the server performance and reputation online.

Repairing a hacked WordPress installation often requires human forensic analysis of all site files in combination with automated scanning software used to “clean” a hacked site.

This can be a time consuming and expensive process, especially if your site has many customisations or plug-ins being used.
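The server-level file scanning mentioned earlier and the human forensic inspection of site files described in this section start from the same two questions: are there PHP files where no PHP belongs, and do any PHP files carry the obfuscated-loader idioms that injected malware typically uses to hide itself? As an added example that is not from this article or from any product it names, the POSIX shell script below builds a small throw-away WordPress tree (its files and directory layout are constructed for the demo) and runs a read-only first pass over it. The pattern list is deliberately short and illustrative, not a signature database.

```shell
#!/bin/sh
# Added example, not from the article or from any product it names: a read-only
# first pass over a WordPress tree for two things a human reviewer checks early
# and a generic "security" plug-in may not:
#   1. PHP files under wp-content/uploads (uploads should hold media, never PHP)
#   2. PHP files containing the obfuscated-loader idioms injected malware uses
# The site tree, its files and the pattern list are constructed/assumed here.

# Build a throw-away tree with one ordinary theme file and two suspicious files.
make_sample_site() {
    site="$1"
    mkdir -p "$site/wp-content/uploads/2023/10" "$site/wp-content/themes/demo"
    cat > "$site/wp-content/themes/demo/functions.php" <<'EOF'
<?php
// Ordinary theme code: nothing here should be flagged.
add_action('init', function () { register_nav_menu('main', 'Main'); });
EOF
    cat > "$site/wp-content/uploads/2023/10/image.php" <<'EOF'
<?php
// Constructed marker: a PHP file in uploads is suspicious by location alone.
echo 'placeholder';
EOF
    cat > "$site/wp-content/themes/demo/footer.php" <<'EOF'
<?php
// Constructed marker: the loader idiom with a placeholder string, not real code.
eval(gzinflate(base64_decode('PLACEHOLDER_NOT_A_REAL_PAYLOAD')));
EOF
}

# php_in_uploads SITE_DIR: list PHP files below wp-content/uploads.
php_in_uploads() {
    find "$1/wp-content/uploads" -type f -name '*.php' | sort
}

# obfuscated_php SITE_DIR: list PHP files that feed a decoder straight into
# eval()/assert(). A clean result does not prove the site is clean; it only
# means none of these few idioms were found.
obfuscated_php() {
    find "$1" -type f -name '*.php' -exec grep -lE \
        '(eval|assert)[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|gzuncompress|str_rot13)[[:space:]]*\(' \
        {} + | sort
}

# Demo run against the constructed tree in a temporary directory.
demo="$(mktemp -d)"
make_sample_site "$demo"
echo "PHP in uploads:";     php_in_uploads "$demo"
echo "Obfuscated loaders:"; obfuscated_php "$demo"
rm -rf "$demo"
```

Against a live site, point `php_in_uploads` and `obfuscated_php` at the document root and review every hit by hand rather than deleting on sight; legitimate code occasionally matches. For the WordPress core files themselves, the WP-CLI command `wp core verify-checksums` compares the installed files against the official release, which catches modified core files that no pattern list would.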

What does it cost to fix a hacked WordPress site?

Typical site clean-up fees after a WordPress hack are around $300-$500 depending on the complexity of the site theme, number of plugins and core code customisations made.

Prevention is better than cure: Cyanweb WordPress Security & Maintenance services start from $55 / year if your site is hosted on our servers.

If you have a WordPress based web site and need help or would like to enquire about our WordPress Security & Maintenance services please contact us.