Small Business Talk
The Podcast to Grow your Business Faster
Is WordPress Safe for My Website?
Is WordPress Safe for My Website?
Show Notes
Let's Talk About WordPress Websites
This is a question that gets asked a lot. Is WordPress safe?
Probably more than half of small business websites are now built on the WordPress platform. WordPress is an open-source platform, which means that nobody owns it. But because of this, many people can go through the rigorous screening process to help make it better and to add different things. Lots of people build different plugins, which make your life a lot easier, things like form builders or even page builders, so that now it’s a lot more drag and drop than it used to be.
A lot of people build websites on WordPress and don’t have any coding skills, and this is one of the advantages. It’s a very easy to use system once you get your head around it and many people with no coding skills make beautiful functioning websites using WordPress. So, is it safe? If you maintain your WordPress website, yes, it is safe. No website, no computer software is a 100% safe, however, maintaining it and looking after it will eliminate and reduce any risk. If there is an unfortunate situation, if you are maintaining your website or having it maintained, you will be able to get on to it very quickly and get it cleaned up.
How Can You Prevent Hacking?
First let’s talk about website hacking. Websites can be hacked in numerous ways, regardless of what platform they’re built on. So the way that websites can be hacked is: Files that are upload that contain malicious code; brute force entry, trying to guess your password and your log in; denial of service, a steady stream of traffic from hacker’s bots; cross-site scripting, codes that are entered or executed from your URL to another site, so your website; malware and many more.
The first way to prevent hacking is to protect your computer. Hackers prey on easy targets. Just like your home security, if your door is left unlocked, then the burglars are more likely to come in. If it is locked, they’ll probably raffle the door and then move on. If your computer is safe, you’re probably halfway there.
Maintaining Your Computer
To keep your website safe, you need to start by maintaining your computer, having up to date security on your computer. Computers need anti-virus checkers; they need to be maintained. Scan your computer regularly, install a firewall onto your computer, secure and keep your computer updated. We all hate it when we get these constant updates, but they really are important.
A lot of times they’ve found little bugs and it’s a patch to fix it.
It’s just like your car. If you were told that there was a problem with a door lock in your car, you’d want it fixed.
Same with your website, you need to secure and keep that updated.
Have Strong Passwords
You need to use a solid password, preferably with a lower case, an upper case, a number and a special character. You know, like the ampersand (&), the and sign , or a star, percent sign, exclamation mark, something like that.
Now, don’t use the same password for everything. Yes, it’s easy, but if they get into your life and all your passwords are the same, your computer, your banking, your website, and goodness knows what else, they really could make a mess. So just think about mixing your passwords up. When you’re thinking about your WordPress website, don’t use the generic admin as your username. Do something a little bit different, so that way you’ve got some chance of locking them out.
Have a Security Plugin Installed
Make sure that you have a security plugin installed, something like Wordfence or Sucuri.
Both have free options, so think about that. Make sure your WordPress and your plugins are updated, particularly when it is a big update, so if it’s a total version update. Now, if you’re not familiar with the way your WordPress has been built, just be careful because sometimes updates can break things. So if you have a maintained site, make sure that whoever’s maintaining the site for you is updating it, but always check before you update and make sure you have a backup, a full backup, of your website in case something goes wrong. If you update a plugin and it breaks and you’ve got a backup, then you can reinstall it, previous to when it was updated, and then work out what the issue is. So, backups are critical. And backups need to be done away from the website and preferably away from your hosting, so that you have that extra level of security. You could back up into a Google drive, a Dropbox, or some other file system like that. And make sure that it’s backed up regularly and test your backups from time to time. But remember not to back up over the previous one because if you find that there’s an error and it’s previous to the last time you backed up, you only have the copy with the error on it. So, back up a few times and preferably in a couple of places.
Choose A Trusted Web Host
There’s lots of web hosts out there. Some are exceptionally cheap and as you know, generally, you get what you pay for. So just make sure that you do have good security on your web host as well. And make sure you have an SSL security certificate installed. So, that’s when you have the HTTP, it now needs to have an S, so HTTPS, colon, double forward slash and then your website address. Now, why you need to do that is because that’s another level of security for you, and also Google is moving towards de-listing or not making searchable websites that don’t have this security. It used to only be if you were selling something or if you were taking credit card data, but in recent months, Google is asking for all websites to have security.
Will Your Website Be Hacked?
Will your WordPress website be hacked? That is the question. Who knows?
The chances of them attempting to is probably pretty high on any kind of website, whether it’s WordPress or not. We know that there are lots of people out there, unfortunately, who have a lot of time on their hands and nothing better to do. Our email inboxes are full of rubbish, scams and viruses. So please, make sure you do put in the safeguards so that if somebody does attempt to hack your website, you’ve not made it easy for them. And most times, they’ll then move on to find something that’s an easier target. The best ways to prevent your website being hacked is to have it professionally managed. The best way to prevent your website being hacked, and especially a WordPress website, is have it professionally managed so that somebody with some knowledge can then update your plugins, update your WordPress system, and then if there is a conflict or a clash and it does cause problems, they then have the knowledge to fix it. Website maintenance packages should include things like your core software updates, ongoing security, malware protection, backup services and offline backup services and much more. So if you don’t have the time or the skills to be looking after your website, please think about hiring a professional to help you.
We hope this has been helpful and don’t be scared about a WordPress website, they’re exceptionally good, but like anything, you just need to be prepared and have the correct systems in place to look after your website.
