There are several considerations for website security. Costs for live monitoring can be prohibitive, so broad solutions that eliminate the majority of risks are a must for smaller businesses.
We’ve monitored dozens of WordPress sites to get a feel for the type of attacks that happen in the wild, giving us a great deal of actionable knowledge. From simple email spam, to complex injection attacks; We’ve created solutions to catch the issues at various points of WordPress’s structure.
Hackers rarely attack a site directly until an entity becomes a much larger target. They use bots that probe for various weaknesses, usually in code that hasn’t been updated. There are systems for stopping these attacks, but require someone being informed that a task needs to be performed.
We aim to highlight early in the consultancy phase that websites are not a ‘fire and forget’ asset. They need regular care and and attention to prevent code from becoming outdated and at risk.
We keep these tasks simple and low cost for low maintenance, low traffic sites. You can be protected, and have peace of mind on a minimal budget.
Email spam is a simpler form of attack, but can also require some creative steps to avoid. We monitor logs to check activity, and get alerts when something goes wrong with your site mail services.
Attacks on the login page happen often also. We’d always recommend to have complex passwords for accounts, none named ‘admin’, and to change the login url to anything but the default.
We counter a lot of these typical attacks by understanding the automation used. Once you see the common pathways they use, protection becomes a common sense practice.