WordPress Hacked – How to keep your small-business site secure, on a budget

by | Aug 26, 2013

WordPress and Security have become a BIG issue lately

Michael Kramer, founder of Santa Barbara-based Ameravant Web Design. Web developers say a proprietary content management system, such as Ameravant’s SiteNinja, can be a more secure option than an open-source option like WordPress.
WordPress Websites

Somewhere between 50% and 70% of small-business websites use the free content management system (CMS) known as WordPress. Because so many sites use WordPress, it has become a big target for hackers looking to get the biggest BANG for their hacking efforts.

Are Free CMSs Better or Safer than Paid CMSs?

Because this powerful CMS is free, business owners think they are getting something for nothing. As the old saying goes, if it seems too good to be true, it may not be real. The bottom line is that you may be getting your content management system for free, but you are probably going to need to hire a paid professional to install and maintain the security of your website and the hosting environment. Here is an example of common costs for hosting and support:

Typical Cost for Hosting and Supporting a WordPress Website

  1. Monthly Hosting of a WordPress website: $10-$15/month, or $150 per year
  2. Paid support to upgrade your hosting account and your WordPress application: 1 hour every 3 months x $125 per hour = $500 per year
  3. Average paid support to assist you with management of your website content: 1 hour every 3 months x $125 per hour = $500 per year
  4. Total Annual Cost of Hosting and Security Upgrades: $1,150/year

Typical cost for hosting a SiteNinja CMS website

SiteNinja CMS Websites
  1. Monthly hosting and lifetime free security upgrades: $39/month
    1. Secure Website hosting on Amazon Cloud
    2. Lifetime security upgrades to SiteNinja CMS: included
    3. Lifetime security upgrades to the hosting environment: included
    4. Lifetime free feature upgrades to your CMS: included
    5. Lifetime free live support (phone, screen share and Email): included
  2. Total Annual Cost:  $468/year

I think you can see there are hidden costs in supporting your “free” WordPress website. Your actual cost may be more or less depending on how often you need content support from your webmaster. You may also opt not to apply your website's security patches as often, but then you run the risk of being hacked, which is not a cheap fix.

WordPress Websites Under Attack

A recent article authored by Stephen Nellis of The Pacific Coast Business Times reports a wave of attacks.

It’s a small-business owner’s worst Web nightmare: A customer or business partner calls up and says your website seems to now be an ad for Viagra pills from China or just infected them with malware. You’ve been hacked.

In recent weeks, a wave of hacks has hit small businesses around the Tri-Counties. The Business Times reached out to Web developers around the region for advice on how small businesses can keep their websites more secure. Experts say that even without a huge budget or a full-time webmaster, small firms can take a few easy steps to protect themselves from some of the most common hacks and recover quickly if an attack does happen.

Free Content Management Systems are Easily Attacked

Stephen also reports that free content management systems like WordPress, Joomla and Drupal are built by hundreds of programmers making their own plugins or modules. Because it is impossible to perform quality control on each of these modules to see whether it is secure, a rogue module can expose your website to attack.

by Stephen Nellis of The Pacific Coast Business Times

One of the first things to understand is that even the simplest of websites are far more complicated than in the days of HTML files pecked out on a keyboard. Most websites today employ what’s called a content management system and a database. The database stores all of the website’s content and information, and the content management system is software that runs on the Web server to display the front end of the site to users and let the site’s owners create and manage content on the back end.

The rise of freely available content management systems such as WordPress, Joomla and Drupal has revolutionized Web development. Since they’re free, some small-business owners try their hand at creating a site on their own, and others tap the vast number of developers who use the systems as a basis and take advantage of the millions of plug-in tools published for them.

Experts think that as many as half to three quarters of the sites on the Internet are running WordPress. That in itself is a problem: Hackers always target the most broadly used systems to get the best bang for their evil buck.

“One of the big dangers out there is using a pre-built CMS platform. They can be dangerous in that they have a lot of insecure plug-ins that were written by people that aren’t security minded,” said Forrest Hatfield, co-founder of ITECH Solutions in San Luis Obispo. “You have to be very careful about what you install.”

So when choosing your next website development tool, consider the safety of the tools you are using and the policies you have in place for making sure your website data is protected.

Designing a website with SEO in mind is crucial for improving its visibility in Google searches. Here are some key aspects to consider for optimizing your website design for SEO:

### 1. **Keyword Research and Implementation**
- **Conduct Comprehensive Keyword Research**: Identify relevant keywords and phrases your target audience is searching for. Use tools like Google Keyword Planner, SEMrush, or Ahrefs.
- **Strategic Placement**: Integrate these keywords naturally throughout your website, including in titles, headings, meta descriptions, and body content.

### 2. **Responsive Design**
- **Mobile-Friendly**: Ensure your website is optimized for mobile devices as Google uses mobile-first indexing. Responsive design makes your site accessible and functional on both desktop and handheld devices.

### 3. **Site Structure and Navigation**
- **Logical and Intuitive Structure**: Organize content using a clear, hierarchical site structure. This helps search engines understand the organization of your content and improves user experience.
- **Breadcrumbs and Internal Linking**: Use breadcrumbs and a robust internal linking strategy to enhance navigation and authority distribution across your pages.

### 4. **Page Speed Optimization**
- **Fast Loading Times**: Optimize images, leverage browser caching, and minimize HTTP requests to improve page speed. Tools like Google PageSpeed Insights can help assess and improve load times.

### 5. **Content Quality and Originality**
- **High-Quality Content**: Regularly update your site with high-quality, original content that provides value to your audience. This engages users and encourages sharing and backlinking.
- **Content Freshness**: Updating content with the latest information can improve its relevance and ranking.

### 6. **Meta Tags and Descriptions**
- **Compelling Meta Descriptions**: Write concise and compelling meta descriptions that incorporate primary keywords to improve CTR (click-through rates).
- **Title Tags**: Ensure each page has a unique title tag that includes keywords and accurately describes the page content.

### 7. **Use of Headers and Formatting**
- **Proper Use of Headers**: Utilize header tags (H1, H2, H3, etc.) to structure content and highlight important information, making it easier for search engines to understand the hierarchy of your content.

### 8. **Optimized Media**
- **Alt Text for Images**: Add descriptive alt text to images using relevant keywords to improve image search ranking and accessibility.
- **Video Optimization**: If you use videos, ensure they’re properly optimized for fast loading and include transcriptions or captions.

### 9. **Secure and Accessible Website**
- **HTTPS**: Ensure your website runs on HTTPS to secure user data and improve trust and ranking signals to Google.
- **ADA Compliance**: Make sure your website is accessible to all users, which can also positively affect your SEO.

### 10. **XML Sitemaps and Robots.txt**
- **Submit an XML Sitemap**: Submit a sitemap to help Google understand the structure of your website and prioritize crawling.
- **Optimize Robots.txt**: Use the robots.txt file to guide search engines on which pages to crawl and index.

### 11. **Local SEO Considerations**
- **Google My Business**: Ensure your business is listed and updated on Google My Business if you target local audiences.
- **Local Keywords**: Include location-based keywords and create content relevant to your local audience.

By implementing these strategies, you’ll lay a strong foundation for your website to be more easily found and ranked by Google, ultimately increasing your site’s visibility and organic traffic.
