Website Security: Why Websites Get Hacked and How to Prevent it from Happening to your Website

Feb 9, 2017 | Blog, Security, Web Tips, WordPress | 0 comments

Websites get hacked.  Big sites, small sites, in between sites.  There are a handful of reasons why they get hacked.  The bottom line is if your site is one of the unlucky few that does get hacked – you want it fixed, right now, yesterday.  The best thing to do if your site is hacked is to indeed correct it as quickly as possible, because the things that can happen as a result are not good.  Among them…

1. Your site is identified in the search engine results as a site that “May be hacked.”

This will undoubtedly result in a decrease in traffic to your site.  Who really wants to tread forward to a site that has been compromised for the fear that something bad will happen to them or the device on which they are visiting your website.

wordpress-site-security-dayton-ohio-2

2. Your site is blacklisted and warning pages are displayed as visitors attempt to visit your site.

When your website is blacklisted and browsers begin to display warnings such as the warning below, traffic to your site can decrease by as much as 95%.  Not good.

wordpress-site-security-dayton-ohio-3

Why do websites get hacked?

There are a few reasons why websites get hacked, sometimes for no reason at all, or for the amusement of the hacker.  The two most common reasons are listed below…

1. Economic Gain

These hacks are attempts by the hacker to make money from your website visitors.

A drive-by-download installs malware on your website, and looks to infect as many of your site visitors as possible.  Example: Hacker makes it look like you are recommending a product or service on your website, the visitor buys the product, hereby giving the hacker access to the visitors bank account.  Bank account…drained.

Blackhat SEO campaigns are not as devastating, but sometimes more lucrative for the hacker.  In this instance, the hacker installs links (seen and unseen) on your website that direct your visitor to sites that generate affiliate revenue.  These links eventually show up in the Search Engine Results Pages (SERP’s) and this is where the hacker really begins to cash in.

2. Use of system resources

This type of hacking uses the available bandwidth and physical server space.  System resources may also be used for economic gain, as your resources may be leased out to third parties, as available space.  You may have heard of the term Botnets.  Botnets are nothing more than interconnected systems across the net. They can be desktops, notebooks and even servers – similar to your webserver employed to perform tasks simultaneously.

What can I do to prevent it?

There are third party services that provide 24/7 website hacking and malware monitoring for a fee.  We recommend a service provided by Sucuri, for the value they deliver.  The Website Security Stack they offer provides three things…

1. Website Firewall: Prevents the bad guys from getting into your website.

2. 24/7 Website Hacking / Malware Monitoring and Removal: If there is a problem they fix it for you.  The price of the service is well worth this point alone.

3. SSL Security Certificate: Protects sensitive data in your website, and Google gives your site a small bump in the SERP’s for having a SSL installed .