Modern technology allows us to create, host and display web content near instantaneously. About the only major buffer to our experiences is how fast we can type. It’s certainly great that this technology allows us to share our ideas so quickly, however— it is not always without cost. Web apps, visual editors and other automated processes may speed up our ability to communicate, but they also shield our eyes from the more technical details that are happening behind the scenes. High speed information and distance from the technical aspects of the internet can sometimes make us forget about other important parts of the web experience, like security.
Remote hosting, domain name services and content management systems (CMS) can create an illusion that portrays your websites as always being under someone else’s care. However, in the end, a lot of what we do on our websites can leave our domains open to attack, even if the servers they sit on are otherwise impenetrable.
In fact, using a CMS or FTP system to work on your site is a little like a security breach. The servers where your websites are stored don’t view your access as threats because you have permissions for access. Permissions are protocols that specify the 5 w’s (who, what, where, why and when) of server access. These are important because if someone tries to access your site without meeting all of the necessary conditions, then your host should limit their activity, or prevent their access all together. If you access your host servers directly through their site or by FTP, then there are multiple ways for you to specify these types of permissions. Which is why it is so important to protect your login information. If someone or some program obtains this information, they could gain unrestricted access to your site.
Not all attacks are so blatant though. There are many other ways for people and programs to gain access to your sites. One common method is through a CMS platform. By exploiting weaknesses in plugins, apps or other aspects of your CMS, hackers can sometimes gain entry into your otherwise secure system.
programs that have access to your server storage have the highest risk potential. These include form, mailer, SEO and other code modifying plugins. We use these programs to simplify our lives, but if they are exploited by hackers, they can drastically complicate our existence. Fortunately, there are relatively easy steps that can be taken to protect your site from intrusion. Among the most important: keeping your CMS and plugins up to date. Sometimes, waiting for updates can seem like a hassle. Especially when you are using a lot of plugins. However, no download speed will slow your life down more than a compromised site can.
Generally, CMSs make it easy to see what plugins are in need of maintenance and have rules in place to minimize the potential for incompatibility. Many plugins offer auto-update options as well. Taking advantage of these features can greatly reduce your risk of attack and possibly improve your efficiency.
Here at Gravitate Online, we have a lot of experience helping others fix their site after an attack— and it’s not pretty. Furthermore, even if we can repair a website, there is no fast track to fixing rankings. While it’s not certain, a well executed cyber attack can land a domain in ranking limbo.
Even if the tech side of your website is not your thing, take a little extra time to learn about basic site security. By taking simple steps, like keeping stride with your updates, you can save yourself time, heartache and money. Make sure that your plugins are working for you, as they were intended— not against you in a cyber attack of doom.