“WordPress is installed like a piece of Swiss cheese”
WordPress has holes all through it and Simply Web Works has to plug those holes before the site goes live. As some last steps before your website is launched to the world, we need to change permissions, remove some items and add some plugins so that someone who wants to hack into your website is going to have a hard time doing it.
Does that mean that your website cannot be hacked?
Put simply, no. But it does reduce the chances of your site being hacked into single digits. There are still some hackers who are able to find ‘backdoors’ to your website to gain access to it. And once they have access to the website, they can add code to your website, redirect pages or just simply write all over it. Some hackers just send you a nice email demanding money from you. You get the idea….
It is not a fun process dealing with any of this as at the end of the day, the hackers mean you harm and inconvenience no matter what colour of flag they are waving. The problem for everyone, no matter how much money they have spent on their website, is that hackers keep on finding new ways of hacking in. So someone needs to be continually finding ways to stop them.
But doesn’t Simply Web Works handle my website security?
We do as much as we can. Every month we:
-update the plugins on your website
-update your Theme if it needs updating
-remove any plugins that are not essential to your website
-update your WordPress installation if required
But we can only do so much. And we are not experts who are focused on website security. Our job is to build and maintain your website with the skills that we have.
What can I do to stop anyone from hacking my website?
For any website the best form of security is to add a Firewall to the website. This works by redirecting your domain name to a secondary IP address that filters out any malicious content and even some IP addresses so that you are protected from these visitors and their attempts to take your website down. You can ‘outsource’ the security of your website to someone who specialises in finding out how websites have been hacked and then devising solutions so that they cannot do it again. It is a never ending process.
What can I do to add the best security to my website?
For WordPress websites, we use and recommend Sucuri CloudProxy firewall service. This redirects your domain to their firewall, the visitors are checked over to see if they have the right credentials and then if they past muster, they are allowed to visit your website. This is all done in a fraction of a second and your visitors are not aware of it. Unless of course they come from Russia, China, Ukraine and other hotspots. Places that have no business with your business or organisation, so why even start the conversation with them? Sucuri can simply stop them from visiting your website in the first place and they are blocked from accessing the site.
Sucuri charges you for 12 months of service for your website and they are very good at what they do. Simply Web Works does the setup with Sucuri for you, and then you just get a bill from us once a year to continue the service. At any time you can cancel the service and go back to plain wrap WordPress security if you want that option.
If you want the best protection for your website that we know of, then Sucuri is the service that you are looking for.