For those experiencing the WordPress 5.2 breaks admin issue, restoring /wp-admin, /wp-includes, and wp-settings.php has helped get the admin system back online.
If your site is built on WordPress, please read this post.
Or who, for that matter. If you think your website just sits there and serves pages to friendly visitors, you’re missing out on all the fun that’s going on behind the scenes. Properly securing a website + ongoing maintenance are critical to preventing your site from being “hacked”.
Websites are not a “set it and forget it” sort of thing. Server logs should be inspected on a regular basis. An Intrusion Detection System should be in place. Updates for software should be installed on a regular basis. WordPress must be updated and maintained and if you ignore this maintenance, you’ll have some friends coming to visit you…
And what are these “friends” doing on your website? Just running some friendly Dictionary Attacks, that’s all…
Attempting to log in as ‘admin’…
If you have a WordPress site, unsuccessful login attempts are not blocked, so someone can try to log in to your admin page over and over again without you ever knowing. That is, unless you have the right tools in place. At the very least, make sure you install the Limit Login Attempts plugin.
Security is a multi-layer approach, so don’t think there is just one simple solution to secure your website. Make sure you or someone is maintaining your website, installing the latest updates, pruning as many attack vectors as possible, checking your logs, etc.
If you have any questions, feel free to comment below or Contact Us!
I’ve been building consignment websites and websites in general for over a decade. I’ve stumbled, made mistakes, got hacked…and learned. When you’re responsible for a server, databases, and clients’ data, you have no choice but to learn what it takes to manage a server. From Apache to MySQL, to PHP versions and security best-practices, there’s a lot going on.
WordPress is software that you can install on a server and then have a professional website up and running relatively quickly. A template is then installed + configured and with a higher-end template, Shortcodes provide convenient access to styling the site and building a complete website. WordPress is famous for its “5 minute installation” and most anyone with a little time and some basic tech experience, can install WordPress. This seems to attract a lot of people who really don’t know what they’re doing.
This week alone, we’ve worked with two clients whose sites were not properly handled by their previous *Web Developers. One look at the WordPress installation and you could immediately see these were not professionals. One of their developers who was “moving on to do bigger and better eCommerce sites,” hadn’t even activated and registered Akismet. Scary to think that person is going on to manage sites that process credit card info.
There are so many moving parts to a website, especially a WordPress site. Updates are constantly being released for WordPress, its plugins, templates, etc. In addition to the front end of your website, the components that run a WordPress website – e.g. Apache, MySQL, and PHP – all have to be properly secured and maintained.
The fact that pretty much anyone can slap a WordPress site together, is actually quite the troubling notion. Sites are hacked on a daily basis. Just choosing the wrong host could lead to your site getting hacked.
Here’s a small glimpse of some of the uglies that are rubbing up against your site on a daily basis…
Just because WordPress is easy to install and easy to use, does not mean it’s easy. If the proper measures aren’t taken during installation and if your WordPress site is not properly maintained, you’re simply asking to be hacked. That can turn into a loss of real money for you, especially if your site ends up serving out malware. That could lead to your customers’ and consignors’ systems getting infected, which could really end up blowing up on a business. Also, a domain name that is associated with that kind of malicious activity can be blacklisted, effectively wiping your site off the web and making it virtually impossible to use for email.
Don’t get caught by surprise just because someone you know said they can “do WordPress” for you.
Is your website secure? Contact The Computer Peeps today for a free consultation.
We’re just about to launch Stuff! Consignments’ new website! Take a look!
Additional consignment websites coming up soon, Upscale Fashions, Inc. and Larger Than Life Resale!
The Computer Peeps can help whether you don’t have a website at all or you are looking to have your website redone! The Computer Peeps develop websites with functionality in mind. Consider a stylish and functional website done by The Computer Peeps if you can’t update your website whenever you please!
With a website from The Computer Peeps, you can:
- Easily create image galleries
- Easily create new blog/news/new inventory posts
- Update your website on your own
- Post to your blog from your Android device, iPhone, or iPad
- Have a fully functional email system for your business