Do you have a recovery plan in place in the event your site is compromised?
Have a Wordpress website and limited access to developers?
This service can help Fix, Clean, and Repair Hacked WordPress Sites!
Do you have a basic recovery plan in place in the event your site is compromised? Here are some simple & cost effective tips to BE PREPARED to bounce back from (or possibly prevent) a website attack:
- 1. Maintain backups of your database on a separate server daily - or as often as you update your site. (AWS and other service providers offer this as a service)
- 2. Backup all website source code after any upgrades then store these files on a separate server. (Ideally, use a service like http://bitbucket.com to manage your code)
- 3. Utilize a service like cloudflare.com that caches your site and directs traffic through their servers to both improve speed and act as a "breaker" switch in the event your site has a ddos attack. If your site goes down, they can load cached backups keeping you online while you work on your issues.
- 4. Don't store critical & personal information that can provide leverage to hackers. CRM, Payment Gateways and other services you may subscribe to often enable you to work with Webhooks & APIs which allow the data to be stored securely on their servers yet integrate with your website!
- 5. Monitor server access logs often to detect any intrusion from unknown IP addresses that may install e-skimming code that copies data from your site's input forms! Even better - use IP whitelisting to block unknown IPs from accessing your server. AWS has great tools to enable this at no extra cost.
- 6. If your site is compromised - you'll then be in a position to disable your current servers, enable new ones (assuming you're on a hosting platform), load all your backups and point your domain name to the new servers to get back online quickly.
You'll of course want to evaluate how and why you were attacked to prevent further issues!