Newsletter that was sent to our customers. Please click here if you want to receive updates like these.
Dear Customers
Today was not a fun day! For the first time, I had to deal with a client’s site being hacked and malicious files placed on the server. It was luckily caught in time and the problem was rectified without any damage done. However, this was a not so gentle reminder that the criminals are getting smarter and that we have to ALWAYS be one step ahead of them.
From my side, I will be installing new plugins to all my maintenance client’s websites this week, updating passwords and doing scans to make sure everything is fine. I will notify you on the day I am doing this and inform you of password changes. If you have LastPass installed I will communicate the passwords via this application. I highly recommend that everyone uses LastPass to store passwords, it is so easy to use and so much more secure than saving it on your workstation or the cloud. If you would like to register a free account please let me know so that I can send you an invite. This means both of us get one month Premium membership free.
Below I will outline some steps you can take yourself to make sure it doesn’t happen to you.
If you would like me to do this for you please contact me to book your spot for only R350.
What steps can I take to prevent my site from being hacked?
There are a few simple steps that will make your site much more secure:
- Please make a full backup of your website before you touch anything! A plugin called Updraft will make this job very easy for you.
- Yes, you guessed it! An SSL Certificate. If you have not done it yet, the time is NOW!
- Update your plugins, themes, and WordPress.
- Change your passwords regularly. Don’t forget about your database password, FTP password and hosting account password. NB! When you change your database password, don’t forget to update your wp-config file too!
- Save your passwords in a secure password manager. Here is an interesting article about the best 5 on the market. https://lifehacker.com/5529133/five-best-password-managers
I can personally vouch for their number one on the list, LastPass. I use the free account which will be perfectly fine for most small to medium business. - Install a plugin called Wordfence. You can get it from WordPress.org:
You can also upgrade to a premium version if you feel you need extra settings and configurations.
- Do a regular scan of your website. I use Wordfence and these two websites:
https://sitecheck.sucuri.net/ - https://www.virustotal.com
- Lastly, do a full back up again!
Conclusion
To avoid your website from being hacked, or even just being exposed to phishing attempts, make sure you have the above steps in place. Revise this regularly, at least once every few months.
If you need help, please let me know. In my opinion, having that peace of mind that your site is secure is really worth R350! Or better yet, sign up for a maintenance contract to make sure things like this are always in place and you receive preferential treatment when you need it.
If you would like to register for a free LastPass account and give me a free month Premium membership, please let me know so that I can send you an invite. If you do, THANK YOU! and please let me know so that I can make sure it is allocated to both our accounts.
As always, if you do not wish to receive these updates, please click unsubscribe at the bottom of this email.
Kind Regards
Vernita Kruger
Red Swirl Design