Around three months ago, a site I owned got hacked. It wasn’t anything I did wrong. I simply uploaded the latest CMS for a popular blogging platform, and right away, within 24 hours of it going live, the blog was hacked. If I hadn’t gone to sleep, and stayed awake all night adding patches and plugins to protect the blog for those 24 hours, then I’m sure it would never have been hacked. As it was – I had to go into the SQL and remove all the unwanted problems the hacker had created. Or, more specifically, the hacker’s bot.
I soon realized that there would be other occurrences of hacking that would leave me unprotected, and could end up in downtime for projects I wanted to get to market pretty quickly. I therefore decided that I would befriend a hacker, but what actually happened is I found a group of individuals who performed penetration testing on your website or network, and let you know what holes are there that need blocking. This turned out to be a great investment, and allowed me to up the security of many sites.
Whilst the group is no longer available for hire, there are some great vulnerability testers out there that will test your website for any holes, where a hacker might try to attack. WordPress Scanner for example specialize in WordPress security, whilst large companies like WhiteHat Security will perform more thorough testing across many platforms and systems.
You do not always need to perform an in depth examination of the whole server, and can leave the testing at just the first ‘layer’ of your website, which would be the starting point of any hacker. For example, WordPress has had many security updates over the years, and most problems are fixable if you know what you are doing with SQL. If you do not, then you need to hire a web developer, or PHP specialist, who can dig out the unwanted stuff and leave your website semi-intact.
If you are serious about making your website secure, so you can offer eCommerce, store data, and leave your downloadable properties online at your host, then you need to consider a third party company who will be able to provide a full service for you, and give you peace of mind. The worst can and does happen every day to bloggers and webmasters, and we should never take anything for granted. In the morning, when your screen is a deathly white – don’t say they never told you so.