One of the most devastating things that can happen to any site owner is getting your website hacked. It happened to me once and I can tell you it’s no barrel of laughs.
Unfortunately is happens too often. However, there are some simple steps you can take to deter your site from being hacked or at the very least correct the issue quickly.
I. First and foremost keeping your website’s software updated will help you in the prevention of possible hacks.
Many of these scripts get updated periodically to improve usability as well as fix bugs in previous versions of the software.
II. Another method is making sure your passwords are not too simple to guess.
This can be effectively done by creating a password with a mix of numbers, letters and characters. Although, it is usually recommended that you change your password periodically, the jury is still out whether or not this actually makes a difference; but better safe than sorry.
III. One of the biggest tips I can offer you is – change your username!
All too often site owners are still using the automatic generated username: admin, when they first installed the script. This is the first thing hackers check for.
Since many webmasters never bother to change this username all that is needed for hackers to do is to break your password code. You are handing them half the equation by not changing this username.
Here is a quick video on how to change your username in WordPress:
IV. Another key thing to keep in mind is doing backups of your site regularly.
If you post new content on your site several times a week, then I would recommend daily backups. If you are running a script where that is not convenient then I would suggest running a backup after posting a sufficient amount of new content.
If you are using WordPress it’s very easy to do. Just install WP DB Backup Plugin to backup your database daily. This backup does not cover your wp/content folder, so you will have to do a manual backup of this folder via FTP. This will preserve all your content such as posts and images.
You can also log into your cPanel and do a full website backup. This process may take some time to download depending on the amount of files you have but will backup all you files all at once including your database.
Once the backup is complete than it’s simply the matter of connecting to your server via FTP and transferring the zipped file to your desktop for safe keeping.
You can as well choose to back up the Home Directory and the MySQL Database separately if you like. You also have the option to do backups on your email forwarders and filters if you have any set up.
It might be a good idea to contact your web hosting company to inquire into whether or not they offer backup software. Although this can be a great option, you should still do backups on your own to ensure timely recovery of your site in the event that your site goes down.
Doing backups are time-consuming I know, but consider the alternative. If you were forced to do a fresh install of your software due to being hacked, you would lose all your information if you did have the proper backups. It is in your best interest to take the time and the bit of inconvenience to do the backup every so often than to lose all your files …no fun.
These are just a few steps to help secure your website. If you’ve been fortunate up until now with no issues, it does not mean it will not happen. Do yourself the favor and set up these security measures and possibly save yourself hours, even days, of headaches of trying to get your site back online working properly after getting hacked.
Today’s Action Plan:
- If you are running WP and haven’t done so yet, install WP DB Backup Plugin
- Change your username: admin
- Do a backup of your full website
Has your site been hacked? What was your experience with it?