Website launches mark a time of joy and excitement. Your store, business or restaurant becomes visible to the whole world online. Wonderful news! Your customers and potential customers rejoice!
Unfortunately, you also become visible to hackers. This can be frustrating. You join the eternal struggle: creators and builders vs. thieves and destroyers. The battle requires constant vigilance.
Here’s what you need to know.
Username & Password Security
A good password is your first line of defense against hackers. You want to create passwords that are hard for people (and computers) to guess.
This comic about sums up password security:
Image by XKCD.com
Updating WordPress is like cleaning out the garage. It’s not fancy. It’s not fun. And if you haven’t done it in a while, it can be a messy job. You do it to keep the dirt, roaches, — and hackers — at bay.
WordPress has an army of coders working around the clock to find and plug security holes. When they create a security fix, they release it as an “update.” So every time you update WordPress, you’re keeping your website one step ahead of the hackers.
You may see a ribbon (like the one below) at the top of your dashboard asking you to update your WordPress.
Just click “Please update now” and follow the directions to complete the process. Note: This can potentially break your site. We can help.
Plugins can be exciting and flashy. Lots of bells and whistles. You may have downloaded a few, tried them out… then moved on and forgot about them completely.
Have you updated the plugins you still use?
Did you remember to delete the ones you no longer need?
If you answered no to the questions above, you put your website at risk. At least once a month, go in and update plugins you use, and delete the ones you’re not using. Again, this can potentially break your site. Backup first. It’s always a good idea to seek professional help.
Omnis Security Update
If your WordPress website is hosted on Omnis, you may see this message when you try to log in.
What the heck is going on?
Hackers use automated hacking scripts to target computers and servers. Compromised computers become “bots,” sort of like evil pokemon. Many bots = botnet, or many computers running hacking scripts at the same time.
Hackers train these bots to do different things. Some bots attack outdated WordPress plugins. Other bots try different WordPress username and password combinations over and over again.
We call these password-guessing attacks “brute force login” attempts. The bots play a high-powered version of Wheel of Fortune with your website login. That’s why you need a strong password.
So how do I get into my site?
The hosting company, Omnis, has set up a 2-step login to prevent them from accessing your WordPress dashboard. Omnis has set this up for your protection.
Simply follow these directions:
1. Type in the User Name as “wordpress”
2. Type in the Password as “wordpress”
3. Log in as usual
You should see your Word Press login screen that looks like this image.
Call Aqua Vita Creative at 918.518.6576. We can help make your website secure.