There’s no such thing as a hack-proof website

Nobody wants their site to be hacked. But one myth that we all need to let go is that there is something you can do that will make it 100% impossible for someone to hack into your website. The only 100% effective way to not be hacked is to not have a website.

If there was a way to make your site 100% safe from  hacking, no websites would ever be hacked. But they are, every day. There are millions of malicious bots out there just trying to break into websites constantly.

So, we start by understanding there is always risk. So we focus on what we can do to minimize that risk and the main thing is to focus on prevention. And that starts with you and your password.

Question for you? Do you use the same password for everything? Is it easy to remember? I have a message for you: STOP THAT. Password security is serious. Don’t think that just because your website is small that no one will hack it. I’ve seen even the lowest traffic, smallest obscure sites get hacked. Why? Because they can.

[bctt tweet=”If you can remember your password, it’s not secure.” username=”sumydesigns”]

People are notoriously bad password choosers.  Can you guess what some of the top passwords are?

  • 12345
  • password
  • 111111
  • baseball
  • letmein

If you think I’m joking, think again. It’ll take a hacker zero time to guess any of those passwords. If anyone asks me about passwords, they generally get a 15 minute lecture on passwords. If you are using your kid or dog’s names, then you need to change it. If yours has your birthday in it, then change it. If yours has your name in it, change it. Do you see the trend here?

Have strong passwords, and require your users to have strong passwords. When I get asked to reset a password, the password that gets reset is to is 30 characters long. (Not joking.)

A few other suggestions to make your site more secure:

  • Keep your software up to date. Updates often patch known vulnerabilities.
  • Install and configure a good security plugin, such as iThemes Security, WordFence, or Sucuri.
  • Check in on your site. Don’t forget it’s there. If you are logging in, you’ll notice if things go wrong.

Finally, be sure you are keeping a backup of your site, regularly, and keep those backups are stored somewhere in a different location. (If you store your backup with your website files, the first thing a hacker will do is delete those backups!)

Share this post:

Amy Masson

Amy is the co-owner, developer, and website strategist for Sumy Designs. She's been making websites with WordPress since 2006 and is passionate about making sure websites are as functional as they are beautiful.

Leave a Comment





This site uses Akismet to reduce spam. Learn how your comment data is processed.

Posted in

Join our list!

Our blog, delivered to your inbox. Never miss a post!