Did you know the FBI’s website has been hacked? Even the Department of Justice’s website wasn’t spared.
You may be thinking, “Oh my goodness! They’re all about security. I won’t be able to survive that kind of attack on my site!”
Before you panic and start biting your nails, you’re not the focus of those types of hackers. But don’t exactly jump for joy. Another breed of hacker, those only in it for the money, may be prowling on your site.
How Do They Do It?
- Place hidden links in your website.
- Use your e-mail account to send spam e-mails to your contacts.
Does it seem like you get tons of spam comments on your website each day? But it’s just spam, it doesn’t matter though, right?
Not necessarily.
Spam comments may have keywords in them that include gambling, drugs, pornography, and other things you do not want associated with your website. On top of that, spam comments are linked to spammy website and content.
Some small business owners say their visitors complain about a warning saying, “This contains adult materials,” when they have a general patronage, or GP, topic. Since when did the topic of saving the environment become an adult only niche?
The problem is Google’s algorithm may see your site as suspicious, thus the warning. This will hurt your website rankings, which can eventually push your website to the bottom of a search engine result.
So, what are you supposed to do?
Eliminate Spammy Comments
Akismet is a great plugin for blocking spam comments. It also eliminates spam links and spam trackbacks. You can then check to see how many spam comments Akismet is blocking. You’ll be amazed to see how many hackers are out there lying in wait to make your website their prey.
Limit Login Attempts
A dictionary attack runs a program that tries logging into your site using popular username and passwords a thousand times. How do they do it? It’s just like any simple guessing game. After using a ton of combinations, they’re bound to find a username and password that’s correct.
But dictionary attacks can be avoided with simple solutions. First of all, have a hard to guess username and password. This means adding special characters and upper case letters. This isn’t guaranteed protection, so you’ll want to limit the possible login attempts to your site.
The easiest way is to add the Limit Login Attempts plugin. It allows you to lock out users who put in the wrong username and password too many times. This plugin is fantastic because it’s easy to use and customizable.
Sounds Simple, Right?
You website is the core of your web presence. Don’t let it fall victim to some jerk who doesn’t want to get a real job. There are tons of free and low cost tools you can use to protect your website. Join us over at DIY WordPress Security to learn what you can do.
Remember: even a lazy hacker can hack the site of an even lazier web owner. Don’t let it be you!
If website security is on your mind, the DIY WordPress Security suite has you covered. From our content-packed, 21-page ebook and our 23-video online training series all the way up to our Full-Service security audit, we’ll find a way to secure your site that fits you and your business.
Pingback: Don't Believe These 5 WordPress Security Myths!