A few days ago, we took steps to further protect our clients’ websites from hacking, viruses and ransomware. The following is my description of the situation and what we did to harden those sites.
An increasing threat to websites is what we call “bot” attacks (automated hacking attempts) aimed at logging into and then taking control of random websites. The idea is that if they can control your website they can get you to pay them ransom to release it.
Typically, these “bots” try to find the easiest path into the backend control panel for the website. Of course, the “easiest path” into a site is the page where site owners like you and me go to log in. Once they find that page, they use automated scripts that try to find the right combination of username and password.
It stands to reason then, that making the login page harder to find will help block such attacks.
Most of our websites are built using WordPress – which powers more than one-third of the world’s websites – and by default every WordPress site uses the same address for its login page: www.yourdomain/wp-admin. So the bots automatically try this address first when trying to hack WordPress websites.
Given the increase in such attacks, we have changed the address of our login pages to make it harder for the bots to find the entry point. Our clients who access their websites via the wp-admin page should contact us to get the address for the new login page (we’re not publishing it here to keep it secure). If we manage your website content for you, then you don’t have to log in and you don’t need to do anything – except relax and know that we’re doing all we can to keep your site secure.
Toward that end, we also employ other tools to further harden your website against such attacks. For example, we limit the number of unsuccessful login attempts. This means that if you (or a bot) try unsuccessfully to log in more than “x” times, the login page will be locked for about 20 minutes. “x” 20-minute lockouts in a day result in an extended lockout period of 24 hours. This makes it more difficult for the bots to repeatedly try username/password combinations.
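For readers who want to see the escalating lockout rule spelled out, here is a small model of it in Python. It is an added illustration, not the code of the tool we run on client sites; the two thresholds (3 and 2 in the sample), tracking attempts per client IP address, and all names in it are assumptions.

```python
from collections import defaultdict, deque

SHORT_LOCK = 20 * 60        # "about 20 minutes", in seconds
LONG_LOCK = 24 * 60 * 60    # extended lockout period of 24 hours
DAY = 24 * 60 * 60

class LoginLimiter:
    def __init__(self, max_failures, max_lockouts_per_day):
        self.max_failures = max_failures          # first "x" (value is an assumption)
        self.max_lockouts = max_lockouts_per_day  # second "x" (value is an assumption)
        self.failures = defaultdict(int)          # client -> failures since last lock/success
        self.lockouts = defaultdict(deque)        # client -> times of recent short lockouts
        self.locked_until = defaultdict(float)    # client -> time the current lock expires

    def is_locked(self, client, now):
        return now < self.locked_until[client]

    def record_success(self, client):
        self.failures[client] = 0                 # a good login clears the failure count

    def record_failure(self, client, now):
        """Register one failed login and return the resulting state for this client."""
        if self.is_locked(client, now):
            return "locked"                       # attempts during a lock are refused outright
        self.failures[client] += 1
        if self.failures[client] <= self.max_failures:
            return "allowed"
        self.failures[client] = 0                 # more than "x" failures: start a lockout
        recent = self.lockouts[client]
        recent.append(now)
        while now - recent[0] >= DAY:             # keep only lockouts from the last 24 hours
            recent.popleft()
        if len(recent) >= self.max_lockouts:
            recent.clear()
            self.locked_until[client] = now + LONG_LOCK
            return "locked_24h"
        self.locked_until[client] = now + SHORT_LOCK
        return "locked_20m"

def replay(limiter, client, failure_times):
    """Feed a constructed series of failed-login times (in seconds) through the limiter."""
    return [limiter.record_failure(client, t) for t in failure_times]

if __name__ == "__main__":
    # Constructed sample: one client guessing passwords, thresholds of 3 and 2.
    times = [0, 1, 2, 3, 4, 1203, 1204, 1205, 1206, 87605, 87606]
    for t, state in zip(times, replay(LoginLimiter(3, 2), "203.0.113.7", times)):
        print(f"t={t:>6}s  {state}")
```

In the sample run the fourth bad guess triggers the 20-minute lock, and the second lock inside the same day is escalated to 24 hours.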
Finally, a little more reassurance: We are constantly scanning the websites we host to make sure that if they do get hacked or infected, we can act quickly to correct the situation. And – in the unlikely event your website should get hacked – we back it up every day, so we always have a good copy from which we can restore the site.
The bottom line is that while we can’t guarantee your site will not be hacked, we are doing everything possible to minimize the likelihood that it will be.
Questions? Give us a call at 502-545-1588!