From time to time we get panic phone calls from clients about their WordPress website being hacked. All of a sudden, the website has been shut down by the hosting company, the visitors’ virus program warns of the page or the page has been blacklisted by Google may be an example. The questions they often have are “How could this happen?” and “How fast can I get my web page restored?”. Troubleshooting, recovery, and restoration of content often take a lot of hours to complete, and the page is still vulnerable to new attacks if you don’t close the security holes.
Why are WordPress sites hackable?
WordPress is today the world’s most used platform for websites. It’s easy to start using and creating a web page or blog, even if you lack knowledge in programming or technical knowledge in security and hosting. This means that many websites are completely unprotected on web servers that only offer the actual storage of the files for the website. Because of this, there are hackers who are willing to spend a lot of time finding loopholes to “take over” a website. The team behind WordPress works continuously to obstruct security holes and regularly publishes new versions of WordPress. However, the updates must be installed on the website to be effective.
What can you do when a website has been hacked?
The easiest way to restore a website is to restore a backup of the site. This requires that you have a backup service on your server and that the backup is saving versions every day, not to lose any content. If you don’t have a backup it is very hard to restore a website and its content. After restoration, the page must be reviewed so that the security holes used by the hackers are detected and can be removed, usually by updating to the latest version of WordPress and the plugin extensions that are installed.
Is there anything that can prevent a website from being hacked?
You can minimize the risk of your website being hacked by always installing the latest updates for WordPress and all its add ons. Make sure you have a backup for your website if anything would happen. Likewise, it is important that the supplier keeps the other parts of the system updated – and if you can also complete with some sort of Web Application Firewall (WAF) then you protect the site against additional attack areas.
We want our customers to have as few problems as possible with their hosting. They should not have to be afraid that their services will stop working. That’s why Rackfish offers Manage WordPress hosting; for the cost of only half an hour’s work per month you get hosting, continuous updating of WordPress and its add-ons, and double backup on your website for quick restorations!