I meet new WordPress clients weekly and I'm surprised at how many of them are setup for disaster. They are an attack away from losing accessibility to their website for days or even weeks. No backups, no general maintenance, basic security, or development support, and no response plan in place. Some don't even know where their website is hosted or who owns the domain name that points to it!
How many WordPress websites get hacked?
As of this year, there are about 1.4 billion websites on the web. More than 450 million use WordPress. While nobody knows exactly how many WordPress websites get hacked, the best estimate is at least 13,000 per day. That’s around 9 per minute, 390,000 per month, and 4.7 million per year! One might say that's only around a 1% chance but in reality it's much higher. Consider that many WordPress sites are protected against hacking. Big companies and organizations like Sony Music, New York Times Magazine, Vogue, The White House and many others are well funded and have staff to manage, maintain and monitor their WordPress websites. But as you get into small to medium size businesses their hosting infrastructures are less sound. There's no dedicated IT staff or protocols and certainly no disaster plan. A hacker can shut your website business down in a matter of moments. Sure you can restore a backup (if you have one) but if the core problem isn't addressed they'll attack again and again and so on. It's a nightmare.
Why would anyone hack my WordPress website?
Many WordPress websites lack basic security. WordPress is the most popular CMS in the world and its' core software is free to download and install on your server. The availability and immense popularity gives hackers an easy way to find ways into websites that are less secure, so they can exploit them. Why? Because they can, and because you let them, it's really that simple. Something to do, another feather in their cap, bragging rights amongst their peers, and of course messing with the "Man" and his Corporate System.
How do I make sure my WordPress site is safe?
Having a disaster plan is essential to not only restoring your website functionality but also addressing the points of infiltration to prevent further attacks. Daily backups, software & plugin revision updates, additional security measures like 2-factor authentication, strong password policies, audits and optimizations.
While no website is 100% safe from being attacked there are numerous things you can to protect your WordPress website and prepare a response that stops the attackers in their tracks!
If your business is using WordPress and you have questions or concerns about its' security please contact me for a free consultation and website review. Don't make it easy for hackers!