We know of a surprising number of sites that have been hacked lately. Sites built using WordPress are the most commonly targeted as they have numerous “plug-ins” that may be vulnerable. But the hacking we have seen has been with a range of different Content Management Systems and different developers. No one is immune.
What really surprised us is the shocking response of several of the developers to being informed of it.
One large NZ developer who also host the clients’ sites has told at least 3 of their clients that it was their fault because their site was hosted on an out of date server. And that it would cost $500 to migrate their site plus the cost of fixing the hack.
We think that is very wrong – any company hosting sites for clients surely has a duty of care to ensure that sites are at all times hosted on up to date servers with the best anti-hacking measures in place as a matter of course! They should at very least be proactive and recommend to clients if any upgrade is required at an time. Not wait till 5 years later when there is a problem and then blame and charge the client. Clients should not need to know anything technical about how or where their sites are hosted. That is why hosting companies exist – to manage that.
We suggest you ask your developer and/or hosting company what measures they have in place to minimise the risk to your site of hacking.
How often do they update their systems to improve security? If your site is using WordPress, how often are core WordPress files and plug-ins updated? Do they have a regular programme for this?
How often do they back-up your site (or are you meant to do this). Where are back-ups kept?
Is your site hosted on a server that is considered up to date and secure from hacking?
Ask us to help if you are not sure about these things.