Why hackers want your website and how to stop them.
By Judy In Website DesignRecently I was meeting with a prospective client and went to show them a website I’d designed for another client. We were both fairly alarmed to be greeted by a spinning skull and crossbones on a background of fire, with some creepy text!
After reassuring my prospect that this, in fact, was not my design style, I notified my client that their site had been hacked. The client and I then spent numerous hours over the next several days restoring the site and implementing new security precautions. Many website owners have the mistaken idea that their site is small, simple and of no interest to hackers. Unfortunately, that just isn’t true. WordPress websites in particular, because of their huge popularity and open source software, are favorite targets for hackers. So, in the interest of sparing you this unnerving and time-consuming experience, I’ll go over the reasons hackers want to get into your site, and how to stop them.Why do hackers want your site anyway?
If your site processes financial information, takes credit cards or stores personal data, then it makes sense that you’d be an appealing target for a hacker. But even if you don’t store banking information, your site can benefit bad guys in several ways:Webserver Access
Most of the time it’s not your website that a hacker is interested in but the means that it provides. They want the free electricity from the computer power and web server that your site is running on. This access allows a hacker to perform more complex (often illegal) tasks, while simultaneously remaining anonymous through the use of a server that is not linked to them (because it’s conveniently linked to you).Viruses and Spam
A hacker can use your site to take over your server to send out spam emails or brute force attacks, resulting in your server being blacklisted. Or hackers can use your site to serve up viruses, malware, keystroke trackers and other malicious software, not just to you but also to your website’s visitors. Or the hacker may redirect visitors to another site that creates affiliate income for them. The possibilities to make a buck turn your website, no matter how small, into a very appealing and useful tool for a hacker.So what can you do to protect yourself?
The most common hacking access points on WordPress websites are:• 41%: Vulnerabilities in the hosting platform
• 29%: Out of date or insecure themes
• 22%: Vulnerabilities in a plugin
• 8% Weak passwords Unfortunately there is no way to completely stop a determined hacker. Like squirrels at a feeder, it’s their job to get in, and they have all day to figure it out. But if you can’t make your site completely un-hackable, you can make it annoying enough that a hacker will move on to an easier target. So how do you do that? Here are some simple safeguards that non-techie website owners can implement.