Slide toggle

Category: WordPress

5 Ways Your Website Could get Hacked

You’ve spent all this time on creating a kick ass website – don’t let the hackers get you down.. here are some tips to help you combat the worst case scenario (Trust me when I say, it IS the WORST!)

Your Web Host Is Vulnerable

Quite frequently, many websites hosted by the same web hosting company are all hacked together. In these cases, the problem usually lies with the host. Either their servers have some vulnerability which is being exploited by a hacker OR the hackers have figured out a way to gain access to one website on a server and then use that website to infect the other websites hosted on the server. Always file a report with your hosting provider if your site has been hacked.

Your Computer or Your Web Developer’s Computer Has Been Compromised

Sometimes, the root of the problem lies with machine used to access the website and not a vulnerability of the website itself. Hackers can infect a computer with malware, enabling them to steal saved passwords or infect files as they are uploaded to a server.
To prevent this from happening, the computer used to access a website should be regularly scanned for spyware, viruses and malware. Additionally, unencrypted passwords should not be stored in FTP programs.
Finally, when accessing any protected area of the website – control panel, databases — be sure that you are using a trusted network.

Your Passwords Have Been Leaked or Are NOT Strong

When it comes to passwords, they can only protect your website is they are strong. This means that passwords must adhere to the following criteria.

  1. Unique. Passwords should all be different from each other and not used on any other website.
  2. Complex. Passwords should not be easily guessed. The best passwords do not contain words and are a combination of numbers, symbols, and upper and lower case letters.
  3. Private. Be careful about who you share your passwords with and how you share the passwords. If sending a password via email, consider transmitting it as an image instead of via plain text.
  4. Self-Selected. When you setup a web hosting account, install content management software, or create databases, passwords are typically automatically generated. And while these passwords are often very complex, hackers can sometimes guess these passwords.
  5. Regularly Changed. By updating your passwords, you lessen the chance that a leaked password can be used to gain access to your website.

Your Content Management Software Has Security Holes

Content Management Systems (CMS) (Like WordPress) are used to make it easier to manage content or maintain other functionality. But there is a big downside. Regardless of which CMS is used, there are always security holes that can be exploited by hackers.
To keep your website as secure as possible always make sure your CMS platform is up to date with the latest security patches and versions.
While it may be expensive or time-consuming to keep your CMS updated, it is worth the effort. After a new update is released, details about security flaws in the older version are often released. And what this means is that if you don’t upgrade to the latest software version, hackers will literally have a roadmap to getting into your website.5.

Your Site or a Third Party Plugin is Poorly Written

Poorly coded website forms, dynamic pages, and CMS plugins/modules could result in easily exploitable security holes. To prevent this from happening, make sure that all custom code is fully tested and coded with security in mind. And before installing a 3rd-party plugin or module for your CMS, review the feedback and/or take a look under the hood to make sure that the plugin is well-coded.