February 13, 2017

Is Your WordPress Site Secure?

Is Your WordPress Site Secure?

Is Your WordPress Site Secure?

Just last week, we read an article in the BBC that detailed a massive attack on WordPress sites. A security vulnerability, discovered by WordPress security firm Sucuri and made known to WordPress on January 20, 2017, left tens of thousands of WordPress sites vulnerable to attack. A patch was made, a notice was sent, but still, in the aftermath of it all, more than 1.5 million WordPress pages were altered and defaced as a result. Bloggers lost content, business lost potential revenue; it was a bad day for anyone using WordPress and completely avoidable.

You can read the short article here: https://www.bbc.com/news/technology-38930428

So how could all this happen? WordPress is such a big organization, surely they can protect against attacks of this magnitude?

Well, yes and no. WordPress being such a widely used framework is a double-edged sword; millions of users mean lots of support, yes, but it also means there is much more opportunity to be had by hackers and spammers. WordPress does what it can but as we’ve seen, in time, they will leave a door open for security threats.

And although WordPress issued a patch quickly and sent out a notice, a large part of their users simply did not update their frameworks to implement the patch, thus leaving the vulnerability wide open for many users and sites.

So this brings us to our question for you: Is your WordPress site secure?

  • What are you doing to ensure the security of your e-commerce site, your WordPress blog?
  • Is your hosting environment secure and clean?
  • Do you know what your hosting environment is like?
  • Are you regularly updating your site and plugins and backing up content?
  • Are you monitoring your site for security breaches?

This isn’t an article about how to secure your site from attacks; there are thousands of articles like that out there and we’ve discussed it in length as well. This is just a reminder that site security is a real thing and if left to wishful thinking, can have visceral impacts on your online business and site.

And if you’re wondering, yes, we take care of all of these security issues for our customers. We host on a private secure environment, we monitor all of our sites, we provide sites backups, updates on all plugins and frameworks, we provide SSL certificates and clean hacked sites. So yes, we do all of this.

This isn’t a sales pitch, however. This is a reminder for you.

If you’re not addressing all avenues of possible security breaches to your site, you should be. It’s super, SUPER simple to take very basic precautions that can literally save you thousands of dollars. I can’t emphasize how easy and simple these basic steps are. The energy required in addressing security is basically negligible but will save you so much time and money.

We’ve had many a customer come to us with a hacked site or lost content and need a “quick fix” that ends up costing $500-$800 to rectify. But if they had a backup or if they just simply clicked “Update” on their site, a 2-second process, they would not be in the mess they’re in.

So let this be a reminder. Take site security seriously and do it yourself or hire someone like CodaStudio to take care of it for you. Either way, you’ll be happy you did and you’ll save yourself money and stress in the future.

About the author

Ivan is a CodaStudio lead wordpress developer. He also manages a web design company at Elivan Studio. He likes to sneak in a few games of World of Tanks, and is a huge Harry Potter movie fan.

Subscribe to our newsletter