It’s time to make the donuts!
Website security threats and the importance of keeping your website up to date
Remember Fred, the Dunkin’ Donut guy?
I remember “Fred” well from my childhood. Every time we’d drive by the Dunkin’ Donuts on Mesa St. in El Paso, we’d yell, “It’s time to make the donuts!”, and beg for a donut.
Because let’s be honest, there’s nothing like a fresh donut!
And who wants to bother with making their own donuts. I want to eat the donut, not make the donut.
So what do fresh donuts have to do with website security?
If you want to prevent hackers from infiltrating your website, you need to take the “Fred” approach to keeping your website fresh and up to date. Your software website needs to be updated at least monthly, and definitely anytime there is a security vulnerability announced.
Considering that WordPress powers close to 20% of all websites on the web, security is a big deal.
Over the last two months, there have been at least four stories in tech news about major security vulnerabilities affecting WordPress, the most common software platform for websites available today.
The most recent breach not only affected WordPress, but also some of the most widely used plug-ins as well.
According to WordPress security experts, Sucuri, plugins that were vulnerable include some you most likely have loaded on your WordPress site:
- WordPress SEO
- Google Analytics by Yoast
- All In one SEO
- Gravity Forms
- Multiple Plugins from Easy Digital Downloads
- Download Monitor
- Related Posts for WordPress
- My Calendar
- P3 Profiler
- Multiple iThemes products including Builder and Exchange
- Ninja Forms
Why would someone want
to hack your site anyway?
Website owners who store sensitive data on their sites, need to be especially vigilant in protecting against security threats, but even sites that don’t store valuable data get hacked all the time.
Aside from stealing information, there are three major reason why hackers do what they do:
- They use your site as a platform to hack more valuable sites
One hacked site won’t do a hacker much good, but a group of 10, 20 or even 100 hacked sites together become a botnet (a large network of compromised computers). A botnet can be used to like a battering ram to hack the truly valuable sites like government and financial institutions.
- To infect other computers with malware, viruses, trojans, and other malicious sounding things
Hackers can used a hacked site like a syringe where their malware can be stored and then injected into unsuspecting computers.
- Just for fun
Sometimes, there is no reason why, it’s just about bragging rights. But even if there’s no reason, it can still take a lot of time and money to clean up the mess if your site isn’t properly backed up.
So, how do you protect your site?
While no site on the internet is 100% safe from hackers, there are some steps you can take to make sure your site is protected. It isn’t hard, but like Fred the Dunkin’ Donut guy – it requires time and consistency.
If you’re an 8 Signal Monthly Website Management customer, you don’t have to do a thing. Your site has already been updated.
As part of your monthly management service, we stay on top of all your software and plug-in updates. We run regularly scheduled updates once a month, AND we also keep our finger on the pulse on the WordPress community.
As security vulnerabilities arise, we respond with immediate updates to your site.
Additionally, we make sure to run both weekly and monthly backups of your site. In the event your site does get hacked, we can have you restored to your former glory in no time.
If you don’t have a website management plan, it is important that you log into your WordPress dashboard, at minimum, on a monthly basis to run WordPress core software update and plug-in updates.
If you are using a 3rd party theme on your site, that also needs to be updated whenever new versions are released.
In addition to securing your site with frequent updates, 8 Signal’s website management plan provides two hours of service on your site each month. That way you can keep your software and your content up to date.