Website 101 – Protecting Your Site From Hacking

November 18, 2019

The word ‘hacking’ has many connotations. For many of us it triggers visions of darkened rooms with geeky Russians typing away vigorously with graphical read outs showing how close they are to smashing through the Pentagon Firewall. But the reality is a little less exciting but potentially a little more embarrassing.

What do we really mean by hacking?

In reality when we talk about hacking in the everyday world of websites what we are really talking about is a variety of things, ranging from DDoS (dedicated denial of service) attacks through to malware on your website. What we really mean when we talk about hacking is actually when your website is being made to perform unexpected behaviour by an outside influence. These outside influences can either be manual or automated, but almost all of them cause a headache and it is important that you are protected from them.

What should be done?

Because there are many different threats that can affect your website, there are a range of ways to handle these. To give more context, lets look at a DDoS attack. This is, more often that not, not actually Vlad and his mates sat in a basement actively generating massive amounts of traffic to your site but instead a automated script based attack whereby loads of traffic is generated from a small number of IP addresses and directed at your website domain. In this situation the important thing is to identify and isolate the traffic as quickly as possible and so using tools such as CloudFlare, which is a specialist hosting solution that puts a cached version of your site in front of the actual server, provides a layer of protection. This also gives the added benefit that any site using CloudFlare if the server goes down will still present a cached version of your static content even if the server itself is not responding. In the case of this sort of attack we can quickly set CloudFlare to deal with the issue and protect the server, and your website, from going down.

Another unfortunately common issue is the malware infection of a website. This has become particularly prevalent in recent years and often you will have no idea your site is affected until people are browsing it and find when they click on things they are suddenly redirected to alternative websites, often with content adult content that you would definitely not want associated with your brand. In situations like this the issue has occurred because the security of your website has been compromised. This is usually due to out of date plugins and software which have then left a ‘back door’ open to be exploited.

We deal with these issues in multiple ways; we undertake regularly maintenance of your website and all of the software and plugins, making sure they are up to date so that any security issues are plugged. We regularly scan your website with specialist software to identify if any malware has been introduced to the site and deal with it if it has. We have a configured firewall and security lockdowns on the build so that all the normal ways that infections and hacking can occur is dealt with. And we backup your entire website build and all the data on a daily basis, so that if the worst happens then we can roll back your site to a previous working version.

Share this post