Why and How You’re Getting Hacked

Long exposure shot of a skyline

Why and How You’re Getting Hacked

5 min read

We’ve always offered hosting, security, and support for our clients’ websites for a few reasons. 

First, if your website is down or hacked, all marketing efforts are worthless. What good is a new, optimally designed homepage if your ideal customers can’t view it? 

Second, good SEO cannot be done without direct access to a site to add content and links, adjust user experience, and perform simple but impactful maintenance. 

A Secure Sockets Layer (SSL) website and consistent security updates are critical to small business marketing success, and will help you avoid harmful cyber attacks.

Understand the Threat of the Dark Web

As we’ve grown as marketers, we’ve also had to increase our understanding of how WordPress sites should be maintained and secured on a massive scale to better serve our clients. Part of that is understanding the “Deep Web,” also known as the “Dark Web.”

The internet is just like the real world, in that shady characters and situations can sometimes get caught up in our everyday lives. Latching onto the infrastructure we use on clearnet (publicly accessible internet you and I use normally) are private and secret networks that form like barnacles on legitimate websites, servers, and systems. 

These networks operate similarly to both real-world petty and organized crime — exchanging drugs, sex, stolen goods, money, and even in some cases murder. They use back doors and set up fronts to accomplish their goals (this is the reason for most hacking).

[Embed: What Is the Deep Web? YT Video]

Protect Your Website Like You Protect Your Home

If you run a website and you’re not as vigilant at protecting it as you are your own home, you will end up regretting it. 

Cyber criminals and hackers can use a poorly protected website to mine for personal data and information, exploit customers, and install malicious software that can cost your business valuable time and lots of money. A hacked site can even get you “blacklisted” from Google, hurting your reputation and severely damaging your SEO. 

Be sure that your site is locked down by every security measure possible, and be sure that your data is backed up multiple times to multiple (off-site) locations. 

Why WordPress Is Vulnerable and What You Can Do

The web is standardizing for small businesses because of WordPress’s popularity and simplicity. It now makes up 25% of the entire internet. The standard settings they use make the sites as vulnerable as Windows OS was in the late 1990s, allowing hacking bots to replicate themselves at scale. 

The best thing for everyone to do is:

  • Use a different username than “Admin.”
  • Use a password manager such as LastPass to encrypt and rotate passwords.
  • Install a site firewall such as Wordfence to block IP addresses that are trying to login multiple times and failing.
  • Ensure that you have a server-wide firewall installed.
  • Run a program similar to SiteLock – Website Security, to scan for any malware that does get in, and automatically remove it.
  • Set up regular backups of your data to another location that is independent of your normal host. Amazon s3 has an API to allow this if you have WHM access.

What We Do at Marketeering Group

At Marketeering Group, we’ve also implemented the following security measures as part of our hosting and maintenance package to protect our clients and their websites from hackers and cyber criminals:

  • We provide hosting on our Premium WPEngine account, giving you access to features such as Google Cloud servers and limited server sharing. This option increases your site speed performance and security.
  • We perform monthly WordPress, theme, and plugin updates that prevent attacks and degraded performance, as well as additional proactive updates if needed.
  • To prevent breaking a live website, we run all updates on a staging copy of your website and test each update before updating your live site.
  • Don’t worry about scrambling to fix your site after a cyber attack or hacking incident — we run automatic website backups so that we can flawlessly restore your site to a previous, unbroken version. Monthly backups are then stored on a separate Amazon S3 storage account.
  • We facilitate malware cleanup on infected sites provided by WPE.
  • No matter what time it is, we’ll help you get your site back up and running during an outage. During business hours contact us, and after hours we’ll provide you with a phone number and account name for WPEngine.
  • We offer tech support and troubleshooting for issues caused by the hosting platform or regular maintenance updates.
  • Keep your site running at its best with our curated selection of top-rated performance and security tools that we’ll install on your website.
  • We’ll receive a notification as soon as your site goes down so we can make you top priority.
  • We provide premium web forms and spam filtering.
  • Ensure your website is looking and performing how you want with regular check-ins and screenshot comparisons.
  • We install reCaptcha on the login page to block hackers and keep them out.
  • The activity monitor we install will keep track of updates and changes, as well as who made each update to help prevent confusion and streamline troubleshooting.
  • Finally, our custom dashboard plugin will clean up the WordPress admin area, creating a space that’s organized and easy to work in.

Take the Next Step and Contact Us Today

If you want to make sure your website is protected from hackers and cyber attacks, regularly updated, and hosted with care, contact Marketeering Group today. We’ll make sure you feel confident in the security of your website so you can focus on what really matters — growing your business and connecting with your customers.