As web developers our primary goal has been to design a beautiful website that is scaleable on smart phones, tablets, several laptop and PC screen sizes and converts visitors to clients. We tend to focus on design choice & uniqueness, website speed, hosting, platform development choice, be it WordPress or Bootstrap and now the new and ever promising Webflow.
Rarely did we profoundly consider site security, its taken as a given that the website building platform we use and indeed the selected website host will ensure all is 100% secure. Not so it seems
Over the past few months we have had several new clients referred to us whose websites were compromised by hackers and placed their businesses in a vulnerable position. The owners had their website hosted by a web designer and presumably a reliable host. As customers they then thought we can relax as the website is done and dusted. Lets get on with producing and selling our thingymajigs.
The rise in the hackers strategy on seemingly everyday websites now has a greater mission, to attack a site, penetrate the host and bring all the websites and the host to their knees with ransom ware, malware and a plethora of various attacks.
In one case incident the attack was so subtle to the hosts of this particular lawyer’s website, they were not aware of the hackers presence when we were contacted. By this time the hacker had penetrated the WordPress lawyers website through a seemingly harmless “plug in” and taken up residence in the back end of the website to do as it pleased.
With WordPress now boasting 60,000+ plugs in their platform mainly produced by 3rd party software developers for low cost, often free to the website developer. It was now obvious some of these developers have produced plug ins purely for the purpose of gaining access to the back end of a
website through the CMS. These Content Management Systems are so much in demand and the primary reason why so many businesses choose WordPress as their platform of choice. We understand, by having a CMS the client can get into their website and make simple changes, but so can the hackers. Caveat Emptor.
As a leading web developer we are obliged to provide a safe environment for our clients website so we have upgraded our services to offer
- Website monitoring through high end software in real time 24/7
- Alert software to any suspicious behaviour
- Back up each website up on a daily basis
- Choose a leading web host such as “Amazon” who have their own safety features and
- A weekly visit by one of our developers to each site to ensure is all as expected.
Their are other options of course such as hard coded sites and indeed Webflow whose security is a leader in the industry and limits itself to around 100 plug ins. All other modifications where a plug in may be used can be hard coded quickly using the Webflow platform
When next you are choosing to upgrade your website or indeed a new site please consider
- Website development platform your site is built in.
- Insist on asking who the primary website host is &
- What processes are in place by your developer or host to ensure website security.