Having a hacked website is terrible. Hearing about it from a customer is even worse. Your business comes off looking like you don't care about your website or your customers' security. Worse yet, data could be compromised, leaving you legally responsible!
Our experts will search through your website and clean up any infected files. We run 2 different file scanners and check for infected files by hand (manually).
We're using professional grade tools and we look over your entire website for anything that looks strange. This goes beyond any other company out there just using a few tools to check things out.
Wikipedia says this about hardening:
...hardening is usually the process of securing a system by reducing its surface of vulnerability... Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.
It also includes things like tightening file permissions, setting up a firewall and software to do continuous scans of your website to see if anything is happening... in real time!
WordPress hardening takes the standard installation of WordPress to the next level. It takes care of things your website designer probably missed.
They're going to skip websites that have security in place and go find the websites that haven't done any kind of hardening. How you stop them is to get some security in place - enough to make them want to not waste their time but move on to another website that's easier to get into.
If you do nothing, you're a prime target.
Getting some security in place will make hackers want to skip trying to hack your website and move on.
We have special configurations on these plugins that will help ensure things are as tight as possible. The permissions we change and rules we add help protect the most important WordPress files. We also do changes to the core WordPress setup that hackers will take one look at and will want to move on to the next website instead of mess with your website. That's the goal here.
Once your website has been hardened, we will get notified if anything suspicious happens and we'll check your website for you. We can then either give you a quote on cleanup work or you can authorize us to use a certain amount of time (Maintenance Blocks) to take care of anything that might happen.
48-72 hour turnaround (business days)
please read the FAQs below
If your website is compromised within 60 days of us completing our work, we will clean up the compromise for free.
You will need ensure your website is being backed up - either by yourself, your host or a backup service in case we need to restore any files.
If you are hosting with Webstix, your website files are being backed up and you are covered. If you have a different host, you will need to check with them and have them do a test restore for you as well.
Your website should stay free of compromises much longer than 60 days with the work we're doing if you keep your website software (core software, themes and plugins) up to date. If you need help keeping that software up to date, then please check out our Website Care program.
Q: Does this mean my website won't ever get hacked?
A: No, there's no guarantee of that. What this does is put advanced security measures in place to help deter hackers from bothering with your website. They'll want to move on to an easier target after we're done hardening your WordPress website.
If your website does get hacked within 60 days of us completing our hardening service, we will clean up the hack/compromise for you for no charge.
Q: Does this hardening make my website secure?
A: It definitely makes your website more secure. Other factors include making sure your website software is up to date and making sure your website host is doing their best to keep your server secure.
Q: Will adding an SSL certificate help make my website more secure?
A: That kind of security has to do with encrypting the communication from the web server to the device being used to view your website. Any information back and forth will be encrypted, meaning nobody in the middle, snooping on traffic, will be able to see what is going on.
This won't necessarily make your website more secure against hackers but it's a good idea to do this as Google is expecting websites today to do this - especially if you're asking people to login or fill out a form on your website. We can help set up your website to use an SSL certificate if you like.
Q: Is this protection just for WordPress websites or any kind of website?
A: It is just for WordPress websites.
Q: Does this just need to be done once or over and over?
A: Our WordPress hardening service is a one-time service. We're doing hardening with the best known methods known right now. In the future, more hardening techniques may become the standards and we may offer another level in addition to what we're offering here. Things move very fast in our industry, so you can expect that to happen.
Q: Can I use Maintenance Blocks to pay for this service?
A: If you would like to use any blocks in your account, please contact us and we'll help make that happen.
Q: Can you get this done in 48 hours?
A: Yes, our team gets to work on your website and completes this work in 48 hours (business days).
Q: What if my website software (WordPress) is out of date?
A: That's one of the first things we check. This service is for hardening a WordPress website that is already up to date with all WordPress core software updates, theme updates and plugin updates. If you haven't done that yet, we'll send you a quote for doing that work since it's not included in this package (beyond the scope).
Websites that are really behind on updates take longer to bring up to the latest versions and this work should be done carefully.
Q: How do I keep my website software (WordPress) up to date?
A: You can check for updates to the core software, plugins and themes weekly and then take backups, do the updates and thoroughly test your website yourself or you can go with our Website Care program, where we do this for you (sold separately).
Q: Can't I just do this myself?
A: You're welcome to try, sure. Will you spend lots of time trying to figure this out? Yes. Will you do as good of a job as our experts? Probably not. Do you have the expertise to do this work correctly? Probably not. We've done this kind of work a lot and our expert team know what they're doing. There's no magic going on here - we just happen to know what we're doing since this is what we do.
Q: Why do hackers attack websites?
A: There are lots of reasons. Mostly, they're trying to either redirect traffic, employ some black hat SEO tactics, send out spam email or run a phishing scam, pretending to be another website to collect people's login information. It's usually not personal. They find a website with holes in it, break in and then set up what they need to.
Q: How tight can a website be hardened?
A: Doing hardening is an art as much as it is a science. We can technically harden it too much and, in that case, your website wouldn't even work. Of course, that shouldn't be done. Our experts know how to harden your website just enough to add a good, extra layer of security without compromising website functionality.
Q: Do you test my website once your done hardening it?
A: Yes, we test pages on your website and test functionality like forms, the shopping cart (if you have one), searches, etc. We also check the error log file to make sure no new errors have crept up.
Q: What if my website is a mess? Can you clean that up?
A: Sometimes we find websites that have remnants of older versions of the website still present or other strange things. Cleaning up files beyond the core WordPress file structure (including plugins and themes) is beyond the scope of what we're offering here. This kind of work can vary greatly but we would be happy to provide you with a quote. That way, your website is cleaned up and a clean website is less susceptible to compromises.
48-72 hour turnaround (business days)
please read the FAQs above