Skip to content
Christian Host
  • Home
  • Contact
  • Blog
    • Latest News
    • Security
    • Performance
  • Login
Menu Close
  • Home
  • Contact
  • Blog
    • Latest News
    • Security
    • Performance
  • Login

Website Security

September 13, 2017
|
Jonathan Blair

Introduction

The focus of this week’s article will be website security. Is my WordPress site secure? Why is WordPress security so important? Why would someone want to hack my site? What can i do about it? In this weeks article, I will address some of these concerns and some common misconceptions about hacking and website security.

Brief history of the web

In the early days of the Internet, creating and updating a website required a general knowledge of HTML (Hypertext Markup Language). This ever-changing descriptive framework and the lack of standardization was notoriously difficult to work with. Due to these complexities, developing and maintaining a website would often cost thousands of dollars. With the advent of server-side scripting languages such as PHP and structured database storage known as SQL (Structured Query Language), this all changed. These technologies led to the development of Content Management Systems (CMS) such as WordPress. It was now possible for almost anyone with minimal technical experience to create a website. The journalistic design of WordPress led to people creating online journals known as weblogs, which eventually evolved into the word we are all aware of today; “blog.”

The rise of WordPress

By far the most popular CMS today is WordPress, as it accounts for more than 28% of all websites on the Internet, and this number is growing every day. The primary reason for the success of WordPress has been their focus on ease of use and the ability to extend features with plugins. This growing market share has led to some amazing plugins and themes. Not only is our website a WordPress site, but you might be surprised to find out some pretty large companies also use WordPress for their websites such as Walt Disney, Mercedes-Benz, Sony Music, The New Yorker, Bloomberg Professional, The Wall Street Journal, CNN, and even The Official Star Wars Blog.

Convenience has a hidden cost

There is no doubt WordPress has become the most flexible CMS available today. However, this convenience comes at the expense of security. In recent years, WordPress has made significant improvements in its security model, but poorly written plugins, outdated installs, inexperienced webmasters, and bad hosting still plague WordPress sites to this day. Today with hundreds of thousands of bots sifting through the Internet, an old install of WordPress or vulnerable plugins can be infected with malware in just a few minutes. WordPress has the potential to be a secure content management system if done right.

Hacker misconceptions

To most people, the word hacker conjures a vision of a nefarious evil hacker intent on defacing their website, but this is rarely the case. In fact, this type of “hacktivism” accounts for less than 4% of hacked sites. In reality, most hackers have a less known but equally damaging motive. Your typical website hacker will create an automated attack script or "bot" that leverages a specific vulnerability to install a backdoor on a website. They can then send this bot off to conquer the internet while they sleep. In no time the hacker will have access to thousands of systems all over the world. They can then use these sites to deliver malware to their visitors, which was the hackers target all along. Google blacklists more than 70,000 websites per week for malware, which can be devastating to a site. Google's blacklist destroys all SERP (Search Engine Results Pages) rankings you have spent years building. Another more recent, and fast-growing type of malware attack is SEO Spam, which can get you completely delisted from Google.

Defense in depth

The most important security concept for defending a website is what we call “defense in depth.” Put simply; we want to make sure every layer of service all the way down to the filesystem has both intrusion prevention and detection. In the event a system is compromised, this limited access minimizes the damage an attacker can do. Lastly, there needs to be sufficient logging and notification so that the system admin can take immediate action. As you might guess this is far easier said than done, and many system admins and hosting providers don’t follow this practice at all. Even though 96% of all website attacks are automated, the hacktivist is by far the most dangerous. In fact, it is often impossible to "completely" protect any Internet connected system from a sufficiently skilled, highly motivated hacker. However, by following best security practices, we can significantly minimize the damage a skilled attacker can do.

Managed WordPress

The idea of Managed WordPress is not a new concept. WordPress sites have security, scalability, and performance pitfalls that can cripple a hosting provider that is not specifically designed to handle these types of problems. Managed WordPress is quickly becoming more popular as people realize their $5 a month hosting provider is not equipped to deal with the specific needs of their WordPress site. Recently some of these enterprise features that would have cost thousands of dollars before have become more accessible to the average blogger. Our goal at Christian Host is to provide our customers with all the security and performance benefits of a top tier Managed WordPress hosting provider at a price anyone can afford. Peace of mind now costs less than $20 a month.

 

Please share this article...

Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn

Recent Articles

Loading...
HTTPS in browser address bar
You need HTTPS now
Fiery Trials in Our Day
Fiery Trials in Our Day
Ransomware
Ransomware
Cloudflare Optimized Partner
Cloudflare Optimized Partner
Rev. Daniel W. Blair
Welcome from Rev. Daniel W. Blair

Recent Articles

  • You need HTTPS now
  • Website Security
  • Fiery Trials in Our Day
  • Ransomware
  • Cloudflare Optimized Partner
  • Welcome from Rev. Daniel W. Blair

Categories

  • Latest News
  • Performance
  • Security

Archives

  • February 2018
  • September 2017
  • August 2017
  • April 2017
Learn More

About Us

Christian Host was started by Rev. Daniel Blair and his son Jonathan. Rev. Blair, Pastor and author of 4 books brings decades of combined experience in hospitality management and his worldwide online ministries to guide our sales and marketing team. Jonathan, a web security expert, previously the CEO of an ISP, brings the technical experience needed to provide the Christian community with tools they need for today’s web.

Contact Info

  • Sales - 1-888-889-5972
  • Sales - 1-888-889-5972
  • Contact Form
  • PO Box 6951
    Round Rock, TX 78683

Follow Us

Facebook
Twitter
Google-plus
Linkedin

Newsletter

Subscribe
HTTPS in browser address bar

You need HTTPS now

Jonathan Blair

Introduction In less than four months Google will mark all HTTP pages as insecure in Chrome. If you or someone you know is running a website that has

Read More »
Website Security

Website Security

Jonathan Blair

Introduction The focus of this week’s article will be website security. Is my WordPress site secure? Why is WordPress security so important? Why would someone want to hack

Read More »
Copyright © 2017 - 2021 Christian Host LLC. All rights reserved.

Contact Us

Thank you for your interest in Christian Host! Please fill out the form and our sales department will reach out to you as soon as possible.

Thank you for your interest in Christian Host! Please fill out the form and our sales department will reach out to you as soon as possible. Or you can give us a call Toll-Free 1-888-889-5972

Or you can give us a call Toll-Free

1-888-889-5972

Christian Host Newsletter

Subscribe to our newsletter and we will keep you up to date with company announcements and WordPress related news on features, performance, and security.