Stay safe from hackers

posted in: News
wordpress updates
Keeping your WordPress up to date is essential

Consider this scenario; You live in a house that’s insured. It has a smoke alarm installed to protect your family in the event of a fire.

When you go off to work in the morning, you lock your house to prevent being burgled.  Then you get in your car, put on your seat belt, start the engine with a unique key and drive to your office carefully so as to avoid an accident.

You may even stop off en-route and purchase breakfast or fuel using your credit card – and you’re careful to ensure no-one sees the pin number you enter at the checkout.

You arrive at your office, lock the car and sit down at your desk where you most probably enter a password into your computer, which has been backing up its files overnight to an external hard disk.

Hopefully you do most, if not all of these things because you want to “look after” the things you value – to be safe from “opportunist thieves”, accidents or worse – malicious acts of destruction.

All of your actions are precautionary so as to avoid the considerable harm or damage (not to mention the massive inconvenience) that is caused when ‘something bad’ happens – or disaster strikes.

Cyber crime is making big headlines – is your business website protected?

You do all of these things to reduce risk.  So, do you apply the same standards to your business website?

In the last few months, over 90,000 WordPress websites have been attacked using a technique known as ‘brute force’.  The hackers behind the attacks have combed through WordPress accounts and attempted to guess passwords using a login script.

The hackers uses Brute Force to cycle through thousands of common passwords. While this tactic is useless against savvy users, enough people use easy-to-guess passwords to make it worthwhile for the hackers.

What do they do if they break in to your site?  They steal customer data, redirect links to other sites (typically pornographic links) and generate spam from your domains – all of which is a major headache, terribly embarrassing to you and costly to clean up.

Take action now to check you’re as safe as can be!

Three simple steps to avoid a website security disaster

  1. Ensure that all admin user name and passwords are hard to guess and are kept safe. Using admin or 12345 is asking for trouble.
  2. Make sure all sensitive data such as client credit card details is stored correctly on the server with appropriate SSL protections and encryption in place.
  3. Ensure that your website is regularly backed up and that operating software is kept up-to-date. Out of date software is a security risk and may contain vulnerabilities.

Whilst no system is foolproof, if you follow this advice – it will be a good start to ensuring your risks are mitigated!  Purple Dog offers security audits for your website and associated data.  We also offer “Club Purple” maintenance plans to ensure your site software is updated regularly and your website is backed up frequently.

We would be happy to talk to you. Get in touch to find out more.