The instances of website hacking are on the increase.

Content Management Systems are by their nature designed to be easily edited by the User, this can lead occasionally to increased vulnerability to malicious attack.

In order to help prevent this I will, on commissioning your website:

• Ensure that all the file permissions are set to prevent outside editing.  On occasion this can interfere with the ability of the user to edit some limited areas of the site .    If this is the case simply contact me immediately and I will talk you through how you can safely access these editing functions.
• Take regular back ups of the site during the design stage.
• Establish a back up programme on the website (CMS websites only) and instruct the Client on it’s use.

I can take no responsibility for the actions of outside forces/malicious hackers once the site is live online.

The reinstatement of hacked sites is not included in the original contract, ie, it is not included in the original charge for the website.  Monthly contracted Website Management also does not include extensive troubleshooting if the site is attacked.

What the Client can do to prevent attack:

• Ensure you take regular back ups of the site, particularly after you make any extensive changes.  Download the resulting file to your own  computer. I can show you how to do this.
• Change all passwords regularly.
• Always install the latest version of the content management system and any additional plug in programmes you are using.  This helps protect   against possible attack.
• Ensure you have an up-to-date virus scanner on your own PC.  No amount of security will help if you access the site whilst your own PC is infected.  There are some good free virus scanners so this need not be expensive.
• Ask your Hosting Service what security systems they have in place against malicious attack before you purchase.  It is worth bearing in mind with hosting that cheaper is not necessarily better. I advise choosing one with telephone rather than email support, it is quicker to make contact and makes it easier to sort out any potential problems.

What do I do if my site is hacked?

• Firstly check that it actually is at risk.  Some of the free virus scanners can give false positives ie, they highlight a site as infected when it isn’t.  Click HERE and enter your website address, it will then scan your site for viruses and trojans.
• If your site is infected then deactivate the site through your hosting control panel.  This prevents anti virus programmes repeatedly highlighting the threat leading to potential blacklisting of the domain name.
• Contact your Web Hosting service to see if they can help from their end.  Often they can and they will do this free of charge.
• Before you go back onto the site make sure you have run the virus scan on your own PC and are accessing the site from a “clean” system. Be aware that hackers will often change your file permissions once they have gained entry to a site.  This makes it easier for them to access the site at a later stage.
• Be aware that Hosting companies may revert back to original and less secure settings on some of the extensions you have installed on the site.  You will need to check these before you put your site back online. For the best ways of tightening your wordpress security, along with details of the safest file permissions click HERE
• Check back on the site regularly.  Sometimes a virus can lie dormant within a site and suddenly become active. If this happens, you may need to consider reinstalling a back up version of the site made prior to the issue.
• Contact Me.  There will be a charge for my time at the normal hourly rate.