Everyone’s heard of WordPress – it’s one of the most popular content management systems in the world, used by nearly 75 million websites. Like facts and figures? 409 million people view more than 23.6 billion pages each month while users produce 69.5 million new posts and 46.8 million new comments every month. That’s a lot of words.
This kind of global presence and popularity makes the ubiquitous platform an irresistible target for hackers looking to damage sites for their version of fun – or to gather confidential information for more illicit purposes – as the news story a few weeks ago showed.
The security flaw in WordPress’s blogging software allowed hackers to attack and deface tens of thousands of sites. They were able to edit posts and change titles, but left unrepaired, those devious types would have been able to insert code, text and links… all very damaging indeed. These people are low on principles.
While WordPress caught the world’s attention back in February, a recent government survey revealed that nearly half (46%) of British businesses have discovered at least one cybersecurity breach or attack in the past year. That figure rises to 66% for medium and large companies.
Here at Ketchup, cyber security is a big deal for us.
It’s why we want to help every client protect their website, their business and their integrity: it’s not just an issue that affects major organisations – everyone using the Internet is potentially at risk.
WordPress tend to act swiftly to provide patches and other solutions when such vulnerabilities are discovered – but that is little consolation to those people whose sites have already fallen prey to hackers. That’s why we believe that it is far better to be prepared and protected – prevent the attack, rather than deal with the fall out.
Your WordPress admin area is normally only protected by password. Securing your website with additional features such as two factor authentication helps to secure your log ins, so that more than one link in the chain needs to be broken before an unwelcome visitor can access your site. It’s done by adding a second requirement (usually a code that will be sent via email) giving you an additional layer of protection… and in the light of recent news stories, this extra vigilance makes perfect sense, which is why we’ve made it part of our portfolio of services.
Keeping you safe
We’ve developed an advanced WordPress Protection Package exclusively for our clients, designed to maintain the security of your site and ultimately to give you peace of mind. KetchupProtect incorporates a whole raft of security and protection features that aren’t usually part of the WordPress platform, including:
- 2 Factor Authentication – Users are required to enter both a password AND a secondary code sent to your email. Both the password and the code are required to successfully log in to a user account. Two-factor authentication adds an extra layer of WordPress security to verify it’s actually you logging in and not someone who gained access (or even guessed) your password.
- Google ReCAPTCHA – this adds an extra layer of protection to your most vulnerable pages such as the WP login, user registration and comments.
- Protection against bad users – this feature limits the number of failed login attempts and locks out bad users.
- Enhanced admin security – this makes the administrative area inaccessible at certain times and alternates the URL for that area so that attackers won’t know where to look.
- 404 detection – this identifies the high number of 404 errors that are generated when a bot scans your site and locks out the IP addresses which produce these.
- File change detection and comparison – the security plugin will detect file changes that can be tell-tale signs of hacking and assess whether the change is malicious.
- Malware scanning – scheduled scans check for malware and allow it to be combatted and removed.
- User action logging – tracking when users log in, edit content and log out to help identify suspicious behaviour.
Choose KetchupProtect, and you’ll benefit from all the above safeguards as well as plenty of other features. You’ll also have peace of mind that we will check your website every week to ensure all plugins and software are current and make regular backups.
Protect your website, and you protect your business.
For more information about how we can make it much harder for the hackers, please get in touch on 0330 088 9277. We’re here to help you stay safe.