The recent COVID-19 pandemic has caught many businesses off-guard this year even though the warning signs were talked about by some of the greatest minds of our generation, namely, Bill Gates shown here in 2015 predicting Corona virus:

The world often turns a blind eye to what could happen, particularly if there is a financial cost to an issue that may or may not affect you. Bill Gates may not have the same money worries as you an I, however you don’t have to have a lot of money to prevent attackers from abusing your WordPress website bringing it crashing down or leaking valuable data.

Take a second to comprehend in the last 30 days from the date of this post, “Wordfence“, one of the most popular WordPress security plugins, recorded 3,674,678,328 attacks on websites around the globe. That’s billion with a capital (we)B, pun intended!

WordFence website attacks blocked in last 30 days.

It seems like even in global lock-down, the attacks on websites by malicious hackers have increased probably because the attackers have more free time and isolation. I refer you to a recent article on WordFence’s blog written 13th May 2020, titled “One Attacker Outpaces All Other“, showing how one attacker (or faction) can exploit many millions of websites over a short period of time on a global scale. The number of attacks per day are in the millions.

Another leading WordPress security plugin is, “iThemes Security“. In another recent article written by Kristian Write titled,”5 Common WordPress Security Issues” we see that 3/4 of all vulnerabilities occur from WordPress plugins. They claim that 84% of all security vulnerabilities on the web are caused by Cross-Site Scripting or XSS attacks.

That means if you are not regularly updating your WordPress core, theme and plugins, your website is a potential target and if you are not taking regular backups of your website, in the worst scenario you could lose your website – your investment all that time / money and effort. Worst of all, hackers will usually leave a clear message or spread a virus / malware to your unsuspecting visitors – affecting your online reputation and losing valuable trust with your customers. Imagine your online shop website gets hacked, even your loyal customers will never want to put their credit card information in until they know the site is safe and bad news spreads fast.

Installing either or both of the above mentioned WordPress security plugins is not enough on it’s own to protect your WordPress website. This is because threats change and they need to be setup correctly for your particular website.

How do you protect your WordPress website?

Here are a few preventative measures that will keep your website online and your website visitors and customers happy:

  1. Learn how to regularly check for suspicious activity
  2. Scan for malware
  3. Find and block malicious IP’s (but not the wrong ones!)
  4. Take regular backups of your WordPress site depending how often you update your website.

Or if you would rather focus on your business.. Simply find a reputable company that provides pro-active WordPress maintenance and preferably one that hosts and maintains the website so they track and pro-actively prevent all issues including server-side PHP version for example.

A company may also offer other SEO benefits with their WordPress maintenance plan such as search engine rank monitoring, keyword monitoring, scheduled monthly reports, dead link monitoring and page load performance monitoring for example.

As always, we welcome your thoughts and comments below.

Thank you for reading,

Capital Web Team