Rusty Mango Design
FacebookLinkedInYouTube
Let's get your business online  Call Now  0488 406 050

Don’t get HACKED – Secure your WordPress Website!

Loading...

If your site has been built on the WordPress framework, you are in good company. With a calculated 25% of all websites built using this user-friendly CMS, WordPress is easily miles ahead of its competition. However, with this popularity comes an inherit danger – it is a regular target for hackers.

WordPress was born from an open-source project and remains free to everyone who wants to create a website. Open source means that the code that makes the whole system work is available on the internet with no restrictions. This factor is important in the whole WordPress “ecosystem” as it allows developers and coders to create the myriad of plugins and themes that make the CMS what is it.

Unfortunately, hackers can also look at the code and discover its weak spots, making it vulnerable to spamming and security breaches. For the small time user, this may never be a problem that presents itself. But if your site attracts the unwanted attention of a hacker, they can cause all kinds of problems for your small business website and its visitors.

To protect your site (big or small), there are some very simple measures that you can employ without the need for any programming knowledge (or outside help):

1. Update the WordPress Core.

To do this, access the Dashboard of your site. If a new (major) version of WordPress has been released, this information will be displayed on the main screen of the Dashboard with a UPDATE link. With the newer versions of WordPress, small incremental updates to are performed automatically

2. Update the plugins that you are using with your site.

In the main menu of the Dashboard, under the Home button, an Updates options will appear when updates for your plugins are available. Click on it to access the Updates page and select the updates that you want to apply. At the same time, visit the plugins page of the Dashboad and delete any plugins that you aren’t using. Even though they aren’t being use, these deactivated plugins can still provide backdoor access to your system.

3. Use a secure password.

A brute force attack, where the login for a site is attacked with a systematic password hack, is hard to protect against but with a secure password (one that used no common words and a mix of symbols, letters, numbers), the hacker will have to work harder to penetrate your system. Also, try to limit the number of users that have access. If someone doesn’t need access and will not be updating the site, don’t give them access.

4. Install the WordFence plugin.

This free plugin has so many features that I can’t list them all here. For a very basic explanation, Wordfence provides high-quality firewall and malware protection for your WordPress website and you must have it on your site. Setting this plugin up puts into place a huge roadblock to anyone or anything wanting to cause harm to your site. Get it here: https://wordpress.org/plugins/wordfence/

Don't get hacked - WordPress SecurityAll of the above options are accessible through the Dashboard of your WordPress site but only if you have administrator access. If you log into your site and cannot see or perform the tasks listed, contact your website developer and request an upgrade of your user access.

There is nothing worse that trying to regain control of a severely hacked website however, if it does happen to you and the above steps do not reverse the damage to a perfect state, it is not the end of the world. The server on which your site resides should be* backed up on a regular basis and can be restored by your server provider* to a previous day/week for a small charge.

As always, however, a pinch of prevention is worth a full pound of cure.

* If your web server provider does not backup at least three times a week, then it is imperative that you find a new provider. Security of your website is paramount.

* A server provider such as Digital Pacific, Netregistry, WebCentral, etc provides the space where your website lives. It is generally not the same as your Internet Service Provider (ISP) that connects your business to the internet.

 

Information Overload = High Bounce Rate = Poor Website Performance

Information OverloadIn numerous blogs, books and forums, small business owners are told from the very beginnings of their online forays that content marketing is a must for a successful website. Any solid marketing advice will say “You must create FAQs, blog posts, videos, podcasts, Facebook feeds, how-to sheets, free e-books, Tweets and Pins for your site to REALLY connect with your target audience.” This is good advice, after all, Google loves fresh content and so do those visitors who return to your site.

But there is inherent danger with all this information – having been told to create it, some website owners get carried away. And, unfortunately, your website visitors may not appreciate this content as much as you do – especially if it is displayed to them all at once.

By this, I mean displaying it all on the very first page of a website – known as the landing page.

In a recent blog post I mentioned Google Analytics which is an excellent tool for tracking and reporting on website traffic. One of the key statistics from Google Analytics is the “bounce rate*” for the site on which it is installed.  If your site overwhelms visitors with the information displayed on that first page, then you may find that your bounce rate is quite high.

The key to solving this problem is to remember this simple point at all times: your site visitors have arrived at your site seeking only one of two things, information and engagement. Think back to any site that you have ever visited – you have sought out those sites out to either find out more about the business and their services/products or, engage them in further conversation (which can take many forms) and maybe make a purchase.

So how do we avoid information overload on key pages of your website?

Try to keep information in line with the five basics of a good home page:

  1. A catching headline that includes your keywords. If you are a plumber in Innisfail, use a title liked “Professional Plumbing Services – Innisfail.” Keep Google happy by staying under its preferred title length which is 70 characters.
  2. A solid sub headline paragraph (or two) that briefly describes who you are and what you do. Visitors love a story so you could also talk about what you can do for them but don’t get use jargon, remember to apply the K.I.S.S.* principle here.
  3. Display your immediate contact information in the top right hand corner of the page. If you want people to ring you, show the phone number in a large font. If you prefer emails, show the email address. Remember to keep it all mobile friendly by ensuring that both of these can be clicked/tapped.
  4. Make your Call to Action very clear. In most cases, this is what you prospective customers will be looking for so make it STAND OUT! Don’t make customers search for your latest deals or booking forms, make them so obvious that a blind person could find them.
  5. Everyone loves a good slideshow (that’s why every site these days has one). But don’t just use it to display pretty pictures – make it part of your marketing plan. Make it part of your HOOK* to immediately engage your visitors.

Get those things right on the front page and everything else is superfluous – put the extra information on other pages. Use your navigation effectively and your visitors can find it if they want to dig further.

With the advent of Content Management Systems like WordPress, Drupal and Joomla, there is the ability to create a multitude of cascading pages for your website so there is no excuse for not using this to your advantage.

Keep the front page of your small business site clean and simple using the five items above and monitor your Google Analytics. Done effectively, you will watch that bounce rate drop away as your prospective customers come and, most importantly, stay.

* the percentage of visitors to a particular website who navigate away from the site after viewing only one page.

* K.I.S.S. = Keep It Simple Stupid

* a hook, which is a short phrase or jingle designed to entice a customer to purchase a product or sign up for a service.

Rusty Mango Design

Rusty Mango Design