Did you hear about the recent hacker attack to the Microsoft website, Digital Constitution? The site is actually dedicated to online privacy. The event seemed to fly under the radar, and did not receive much media attention, however it simply goes to show that all websites are at risk and vulnerable to successful hacker attacks. Higher profile sites can draw more hacker attention based on generating more harm, financial gain, and/or notoriety, however every site should be as secure as possible to prevent incurring the high costs (time, money, clients, sales, reputation, etc) to recover from an attack.
In this particular instance the hackers were able to gain access to the WordPress site and inject spam links that sent users off to gambling sites according to arstechnica.com. This hack could have likely been avoided had the WordPress site been updated to the latest revision.
Proactive WordPress Security Steps
It’s imperative that Admins of WordPress sites constantly monitor the current revision level of the WordPress platform as well as all installed plugins. This is the first step to strengthening your WordPress website to prevent if from being hacked. There are other ways to further lockdown your site, such as the following 8 steps. Please note these are only a portion of the methods to further harden your WordPress site. There is no guarantee if you adhere to below, you will be completely secure from hacker attacks.
- Monitor and Update WordPress to the latest revision as soon as possible
- Change Your WordPress Login and Password
- Change your file permissions
- Secure your wp-config.php file
- Prevent .htaccess Hacks
- Change Table Prefix
- If you get hacked, Change your WordPress Keys
- Remove vulnerabilities on your computer (use a firewall, anti-virus, etc)
WebGuardz Security and Back Up solutions can further harden and monitor your WordPress site to ensure it remains as safe and secure as possible. In the unfortunate event you are hacked and files get corrupted, you can easily revert back to the most recent “clean” version of your website.
Stay safe and secure out there!