WordPress Security

Is Your WordPress Website Safe from Hackers?

Hacking has become a huge problem for small business websites. According to a report in Forbes magazine, more than 30,000 websites are hacked every day. The FBI and the Department of Homeland Security have reported a large increase in cybercrime during the current COVID crisis.

Small business websites are particularly vulnerable targets, because hackers know that small businesses don’t have web security staff. And since WordPress is the most widely used content management system in the world – it’s a BIG target for hackers.

WordPress is actually very secure. The company has over 40 full-time security specialists working on their staff. But no system is 100% secure. From time to time, hackers discover “holes” in WordPress, or in WordPress plugins. When that happens, patches that close the security holes are included in the next release.

Hackers understand this – they use automated tools to scan for websites that have not been updated, so they can exploit vulnerabilities. That’s why it’s very important to keep your site up-to-date. Every single time we have seen a WordPress site hacked, the underlying cause was outdated software.

What Can Happen if Your Site is Hacked?

Some hackers are simply malicious. Hackers may take down your site, or post damaging content.

But more often, hackers want to use your server for criminal activities. This may include:

  1. Stealing confidential information entered on your website.
  2. Posting malware which may be downloaded to your site visitors, to infect their computers and steal their confidential information.
  3. Using your site as a spam relay, so that spam appears to be coming from your server, and the original source can’t be identified.
  4. Using your site to host hidden archives of pornography or other illegal content.

If your site is being surreptitiously used for illegal activities, you probably won’t even know it… until someone reports it.

To help protect your site from hackers, LunaGraphica offers three levels of service:

One Time Review and Update

Our basic review and update service is a critical step to making sure your site is secure. It includes the following steps:

  1. Installing backup software (if it is not already installed on your site), and verifying that it is running correctly.
  2. Updating your site software (WordPress, all plugins, and php if necessary).
  3. Installing a site check plugin and running a “health check.”
  4. Installing a security plugin to scan for malware, and help detect and block hacking attempts.
  5. Providing a written report on all the activities taken to update and secure your site.

Fee: $150

Important Limitations to Our Services

  1. We cannot guarantee that your site will remain malware-free; however, in our experience hackers tend to look for easy targets; we’ve never seen an up-to-date and secure WordPress site hacked.
  2. We may sometimes find plugins that are out of date and no longer supported. In that case we’ll discuss the options with you; there may be additional costs to find a replacement for the plugin.
  3. We may find that your site has already been hacked or infected with malware. In that case, there will be additional costs if you’d like us to remove the malware.

Monthly Review and Update

We’ll provide all of the services listed in the “one time” service on a monthly basis, to keep your site up-to-date and secure.

Minimum 3 month commitment; you can cancel at any time after the initial three months.

Fee: $100 / month

Weekly Review and Update

For high-traffic, mission-critical sites, we can provide our update and security services on a weekly basis.

Minimum 3 month commitment; you can cancel at any time after the initial three months.

Fee: $250 / month

Want to Learn More?

Contact us for details on our website security and site maintenance services.