How Not To Get Hacked – A Guide For WordPress Website Developers (And Their Clients)

How Not To Get Hacked – A Guide For WordPress Website Developers (And Their Clients)

You’ve built your clients their dream website. Don’t allow hackers to take it over and turn it into a nightmare. Our “how not to get hacked” guide shows you how…

When hackers start breaking into the security firms that are protecting us from hackers, you know it’s time to take security seriously!

Especially when you consider stats like these:

  • There is a hacker attack every 39 seconds.
  • 95% of cybersecurity breaches are due to human error.
  • 64% of companies have experienced web-based attacks.
  • 43% of cyber attacks target small businesses.

Source: Cybint

Yeah…But Not All Hacking is Done Via Websites

True, but here is the thing…

Most security threats are multidimensional.

This means that no matter how much time, money, and effort you invest into building and hosting a website securely, there are many factors that can threaten web security and allow hackers to wreak havoc on your website.

Take a look at this flowchart to see what I mean…

Security threats are multidimensional.

The above is my condensed version of the security threats classification model shown below…

ScienceDirect.com - Multi-dimensional Security Threats Model.Multidimensional threats can affect the security of your website. (Source: ScienceDirect.com,  Classification of Security Threats in Information Systems.)

As you can see from the diagram above, web security threats can come from either:

  • External sources (e.g. unauthorized users and natural disasters) or
  • Internal sources (e.g. an employee with admin access to the site, server, or a network account).

Add in human, environmental, and technological agents with malicious or non-malicious motivation and accidental or non-accidental intent, and the security threats posed by any combination of these factors are further multiplied.

To put it simply…

Web Security is Freaking Complex!

A failure in any part of the system can threaten the security of the whole.

Even in situations where cyber attackers are not directly involved (e.g. natural disasters), these threats can create security blind spots that could impair your site and lead to:

  • Destruction of information – e.g. deletion of important files or data.
  • Corruption of information – e.g. corrupted database tables and files.
  • Disclosure of information – e.g. exposing confidential data to unauthorized users or the general public.
  • Theft

[…]

 



This article was written by Martin Aranovitch and originally published on WPMU DEV Blog.

Disclosure: Some of the links in this post are "affiliate links." This means if you click on the link and purchase the product, We may receive an affiliate commission.

Leave a Comment

You have to agree to the comment policy.

Scroll to Top