Lessons from Panama Papers

Besides exposing how the wealthy manage their assets the Panama Papers highlighted again the need for security for any business going online.

This incident was due to outdated theme, plugins and in general poor web hosting choice.

As seen in this chart from WordFence (I highly recommend to use them for your WordPress), most attacks take place through plugins.

hacked_website_how_compromised

 

Don’t Be The Next Victim

To avoid being the next victim, there’s a few things that you can try:

1) try using this 5 min checklist to see if you are considered safe.
2) use only plugins that is needed
3) uninstalled unused plugins
4) Download only official plugins from WordPress or from vendors you trust.

Pro Tips for Plugin

If you must download a Plugin that a vendor that has not listed it in WordPress due to commercial reasons, evaluate it using these steps along with your gut feel.

Company Information – Does the site belong to a company with the company name, Terms of Service, Privacy Policy and contact number?

Google Search – Search for the name of the plugin or theme with the phrase “malware” or “malicious” to see if there are discussions of a malicious version of what you are looking at being distributed.

You can also do a search for the theme/plugin/vendor name with the word “vulnerability”. This is to help you evaluate if the vendor fixes any vulnerabilities reported in a timely manner. If the vendor is no longer maintaining it, if a exploit is found, it gives the bad guys a golden key to do whatever they want to your site.

About Jacy The Hosting Guy

Over at Jacy The Hosting Guy, I work hard to ensure that your web hosting needs are taken care of fuss free and secure, with the greatest reliability and security in mind. Never be limited with my web hosting.

Free WordPress site transfers are included when signing up with Jacy The Hosting Guy.

Sign Up today!

 

%d bloggers like this: