Is Your Website Safe?
If you’re like me, your website is one of the most important marketing tools for your online business. It’s where your people find you and where you tell them what you can do for them.
What if something were to happen to your website and your people could no longer find you there?
The Day I Lost my Website
When I first set up my own websites and started helping clients with their WordPress sites, security seemed like a distant, low risk problem.
That changed on November 12, 2015 when one of my clients sent me a message letting me know that she couldn’t get to the page to sign up for more time with me because she was seeing this error.
I tried accessing my site and my Chrome Browser displayed a big red page blocking me from entering. I tried getting to my WordPress Dashboard – same warning. Panic flooded my body as I realized exactly how serious the threat of Malware is.
After getting my site cleaned up, I did a little research and discovered that WordPress sites are vulnerable to Malware Attacks and that where around 80,000 sites got hacked in 2009, that number was estimated at 240,000 for 2014 and that the numbers are growing. That explained why it wasn’t such an issue in 2010 when I started using WordPress, but that picture has changed and in 2017 it’s something I need to pay attention to.
Another reason that WordPress sites are so easily hacked, is because of those lovely little Plugins that can provide so much wonderful functionality to your site. For example, if you want pretty social media icons displayed on your site, you’ll find hundreds of free plugins that will do that for you with a few clicks. The problem is that not all Plugins have secure coding behind them and a high percentage (20% or more) of WordPress Plugins are vulnerable to attacks. Even when you have Plugins on your site that aren’t activated, they can still be used as a gateway for Hackers who want to get into your site and cause problems.
So what is Malware?
Here’s the definition I found: Malware aka Malicious Software
Besides being attacked by Malware, you also run the risk of your site being blacklisted by the search engines. That’s what happened when my client reported the warning shown above when she tried to access my site.
The Lesson I Learned
With a little help, I got everything cleaned up and back to normal. Since then my other site was also attacked and several of my client sites were infected with Malware. I learned the hard way that Malware poses a very real threat to my websites and to my business and that I needed to implement measures to reduce that risk.
Since this happened, I’m on a mission to help others avoid my nasty little experience.
That’s why I’m thrilled to be offering…
Website Security and Maintenance
Though it’s impossible to completely eliminate the risk of your site being infected, there’s a lot that can be done to reduce the risk of an attack and make your site less attractive to those ingenious Hackers.
Procedures that Reduce Risk
- Regular site backups – at least monthly.
- Regular review of Plugin versions and WordPress versions to increase site security. A word of advice – never update software versions or plugins without taking a backup before you update them. Mostly things will run smoothly, but if they don’t, you’ll want that backup!
- Minimize the number of Plugins on your site, deactivating and eventually deleting Plugins that aren’t essential. Besides the security vulnerability, Plugins can also interfere with other functionality on your site and impact performance (how fast pages load for your visitors).
- Change your WordPress Dashboard Password regularly. I recommend using the strong passwords generated in the latest versions of WordPress.
- Sign up with a reputable Malware Recovery Service to get rid of Malware should you be infected and blacklisted.
Of course you can do all this yourself, but if you’d rather not have to deal with it, I would be happy to take care of it for you every month.
Here’s what you get with your Website Security Subscription Investment
- Installation and setup of the BackupBuddy Premium Plugin (annual license fee $80).
- Full backups scheduled regularly with email alerts to me if anything goes wrong.
- Monthly maintenance deleting old backups as needed to ensure that they aren’t taking up excess space on your hosting account.
II: Monthly WordPress and Plugin Updates
- Every month I will review your Plugins and WordPress checking for new updates and bringing everything current. This includes recovery of your site from backup should anything go wrong with new versions of software not playing nicely together.
- I will look for Plugins no longer being used on your site and will deactivate and then delete them, should we get through a few months confirming that they’re not needed.
- Monthly email to you confirming what’s been updated and checked on your site.
III: Hosting File Activity Review
- I will log on to your hosting account every month to review file activity and look for anything suspicious.
- Review error logs to check for unusual activity.
IV: Sucuri Subscription
Since it’s not possible to completely guarantee that your site will never be hacked, when the proverbial you-know-what hits the fan you’ll want a service that specializes in clean-up to fix your site and get rid of the malicious code. That’s what Sucuri will do for you.
I will step you through signing up for your own annual Sucuri subscription. These are the guys who saved me and fixed everything when both my sites were attacked and blacklisted. The annual subscription of $200 per website is well worth the service provided. Here’s what you’ll get:
- Malware Removal: A team who specialize in Malware removal to clean up your site asap. Within hours of logging the clean-up request, Sucuri was all over it cleaning my site and removing the blacklisting status with various Search Engines in less than 24 hours.
- Firewall Protection: Once you’ve subscribed to Sucuri, I’ll set up a firewall in your Sucuri account. The firewall directs all visitors to your site, first to Sucuri’s “firewall” where they scan for potential malicious intent before allowing visitors through to your Hosting site where your website lives.
- Weekly Sucuri Update Reports: Sucuri will send you update emails listing daily scans of your site confirming that all is well.
- Me holding your hand: Should your site be attacked, I will work with Sucuri to ensure that things get cleaned up asap so that you don’t need to deal with technicians who may not speak your language.
V: Peace of mind..
knowing that I’m taking care of your site with as much care as I give my own sites.
What People are saying…
~ Laura Wagner
~ Shawna O’Hagan Morrow
~ Melani Marx
Frequently Asked Questions
Yes, you can certainly do that if you’re comfortable managing that risk. When my sites got hacked, it was relatively painless to sign up with Sucuri and get things cleaned up, but it did mean that my site was behind those nasty warnings while they were cleaning up and that’s absolutely not what I want my clients or prospective clients seeing when they go to my website. Having been through that experience, I will absolutely be renewing my annual subscription for both sites every year. My peace of mind is worth every penny for this business expense.
Update: February 2017
An increased risk of aggressive hacker activity has been identified making it a very good idea to sign up for this service so that we can get your site protected behind Sucuri’s Firewall.
Contact me and I’ll cancel it for you or you can cancel it yourself from your own PayPal account.
Contact me if you have additional questions.
Ready to Invest in Reduced Risk for your Website!
|Monthly Subscription*||Annual Subscription*|
(that’s two months FREE!)
*You can cancel this subscription at any time. Send me an email and I’ll take care of it, or cancel it yourself in your own PayPal account.