Was just reading the article “Statistics Show Why WordPress is a Popular Hacker Target” by Robert Abela at the WP White Security website. They share very compelling data that, at first glance, made me feel a bit fearful about running a website on the WordPress software. The WP White Security article suggests that more than 70% of WordPress installations are vulnerable to hacker attacks. Yow! That is frightening! But wait. I have good news to share.
The article is correct — there is huge risk associated with a website built on the WordPress system. It’s also true that risk can be greatly diminished if not eliminated — especially with a robust disaster recovery system. Since this risk exists, the crew at JustPixels.com works hard to assure that our websites are safe, secure and ready to respond when something tragic does occur. We work hard for our clients and with great success.
Here’s a bit about the things we do and tools we use to protect your website…
Backups
We implement a backup system that archives both the database (all the content and things the content is connected to) of your WordPress site and every single file that is used to make your site operate. Backups are created and moved off the server to redundant remote locations — this keeps them safe and available for disaster recovery. Frequent backups assure that we archive recent changes and updates to your site content. Current backups are vital to assure that you don’t lose any content that results in wasted time and effort. We also maintain a collection of backups through time. This is important as it provides access to a clean backup should a successful hacker invade and modify/add files. If disaster strikes, we use these backups to recover within hours (frequently less).
Website Monitoring
We monitor your website. With both automated tools and human effort we keep a watchful eye on your website for 24 hours each day, every day of the year (some call that 24/7 but, let’s be clear, it’s every hour of every day — that’s a lot). When something changes, we know it. When something fails, we know it. When the server has a little hiccup, we know it. When we see something that seems suspicious, we investigate. If we discover something is not working or doesn’t belong, we fix it.
Blocking the Unwelcome
Our systems monitor threats to your website and then blocks those threats. When some person or computer attempt to login to your WordPress administrative tools and fails, we know it. When they try more than a few times, we block their access. By blocking their access we protect your site from a relentless stream of attempted logins which can crush and crash the server on which your website lives. While this is not, technically, a successful hack it does disrupt the availability of your website. We protect you from that.
Secure Installation & Setup
We also install WordPress and build your site with a security protocol that keeps your site secure. We know how to label things that prevents hackers from finding them. We hide certain files in places to assure maximum frustration for hackers. We also constantly update our techniques to stay a few steps ahead of hackers — they are clever and they do keep us on our toes.
That’s a Lot of Work
That’s a lot of work. It’s a lot of time for both human and machine. We invest in software tools and services to assist in our efforts. And we invest a huge amount of human time to watch, tweak and fix the security of our WordPress websites. Let’s also remember that constant research and reading is required to understand the most recent threats and update our methods to assure that we are prepared and that your website is safe. It really is a lot of work.
Worth the Cost?
All that work, all those hours, all those tools and services — they cost money. This is why running a WordPress website is not free. Some will say, “I love WordPress because it is free.” Well, it’s not. It may be free to install but, as you can see from the description of our efforts, there is a real cost associated with keeping a WordPress website safe and secure.
Is it worth it? Is it worth running a website on WordPress considering all that additional time and expense? Yep, it is. And here’s why…
WordPress is, simply said, a content management system (CMS). Using a CMS allows a huge amount of flexibility and control for you, the website owner. Using a CMS allows folks with very little technical knowledge to control the content of your website. That’s a good thing. You can find thousands of CMS options today, but WordPress is one of the best. The alternative is a static website that requires tremendous technical knowledge to edit and updates. That comes at a cost. Using WordPress as a CMS saves you time and money.
WordPress also provides many benefits with a robust infrastructure that powers business opportunities in the website. This results in your website as a revenue generating center for your business — that’s important.
Wanna Hear a Horror Story?
How about some disastrous examples of hack attacks destroying a website and the impact on business? Ok, we can share a few and how we rescued those sites — but I will save those for future posts as they do get into a decent amount of detail.
We Protect You
For now, it’s important to remember that, when you hear talk of WordPress being vulnerable to hackers, it’s true. It’s also true that we can protect you. We work hard to protect you and your website. WordPress can be risky. We know how to mitigate that risk.