With WordPress websites powering over 30% of the internet, one would assume that it’s a safe & reliable method to build a website. So why would someone object to using WordPress for their website?
According to Sucuri, a leading website security company, WordPress websites made up 90% of the 18,302 infected websites they worked on in 2018. https://sucuri.net/reports/2018-hacked-website-report(Read the full report here).
Those are some scary statistics, but it does not mean that WP should never be used to build a website. In general, automobiles are considered safe. Yet we hear of accidents on a somewhat regular basis, many caused by inexperienced or impaired drivers. The same idea holds true for WP websites, much of what happens with a site is determined by the person responsible to build & maintain it.
The fact is, anyone can build a WP website on their own with no prior training or experience. Rookie mistakes and lack of proper protocol contributes to most sites that are compromised. Let’s take a quick look at the top reasons why WordPress websites get hacked.
- Unsecured Web Hosting – a website has to have a server to live on. If the server is outdated or shared your site could get infected from them. When it comes to web hosting you really get what you pay for.
- Failure to install updates – this is a big one. WordPress and the plugins (software that adds additional functions) along with themes (pre-built designs to customize) are constantly being updated, mostly for security. If you do not install the new updates, your site becomes vulnerable to attacks.
- Weak passwords & user names – by default, the username for a WP install is Admin. Everyone knows this and most people do not change it. A hacker trying to access your site with a brute force attack (where they guess your name & password) already has half of what they need if you do not have a unique username.
We consider these three the main reasons, you can read a complete list here.
So what’s the bottom line?
We feel that with proper planning, care, and maintenance, WordPress is a great solution for building your website, and it’s what we use here at Small Biz Connect.
We take website security very seriously and we are always mindful of the potential for malware & hackers.
Our Suggested Security Protocol:
- Unique usernames & passwords stored in an encrypted vault
- 24/7 monitoring with Wordfence or Sucuri
- Immediate updates to WordPress and all plugins
- Top level hosting with multiple layers of security
- Valid SSL certificate
- Limit login attempts to block brute force attacks
- Delete unused themes & plugins
- Only use premium themes
These are just a few of the things we do to ensure all of our client websites are safe and secure. If you have a question or recommendation please leave a comment below. If you need help with your online presence in the Syracuse, NY or the surrounding area we can help!.