Issues with website security are the site owner’s or administrator’s worst nightmare. This post offers a glimpse into two most worrying cyber security scenarios: data breaches and denial-of-service attacks. What happens when they occur, and how to recover from them?
Imagine the following situation: an outsider gains an access to your site data. They see all your secrets, and in the worst case, share it with others. The person behind the attack may have the goal of selling your data for financial gain.
Or how does this sound: you’re accessing your website one day, but the connection times out and you can’t open it. You check your messages and see that all your website users are also having trouble accessing your site. In a denial-of-service attack (DoS), the cause of the issue is not your website’s code nor the server, but the incoming web traffic, which you can’t fix.
Data Breaches on WordPress Sites
Even if your site’s data isn’t top secret, it still contains a lot of distinctive data: personal information, IP addresses, order from your webshop, or internal company documents, all of which may be of interest to cybercriminals. In the worst case, the data snagged from your site may be combined with other data and metadata stolen around the web, known to be sold and traded in dark web marketplaces.
What is a Data Breach?
A data breach occurs when an unauthorized party gains access to private information on a website. The most typical reason for a data breach is gaining access due to a weak password. A brute force attack is an example of ways of breaking in to a website: let a bot or AI try to guess the passwords of your users. If the passwords weak enough, they’ll get access to your data in no time.
Even one leaked password is enough for a hacker. It’s even better for the intruder if the username happens to have admin user rights, giving them free reign on your site.
Breaking into a site with a password is not uncommon if the user access rights are unsupervised. When your site is maintained by Seravo, you have the wp-check-passwords command-line tool for detecting weak passwords. The tool does not reveal passwords, but can indicate if an individual WordPress user’s password is strong enough.
$ wp-check-passwords
[17:13:40] testi01 OK
[17:13:41] testi02 OK
[17:13:41] testi03 OK
[17:13:41] ==> Completed checking passwords of 3 users. Found 0 weak passwords.$ wp-check-passwords
[17:16:49] testi01 OK
[17:16:50] testi02 OK
[17:16:50] testi03 OK
[17:16:50] testi04 Weak password found. Change immediately!
[17:16:50] ==> Completed checking passwords of 4 users. Found 1 weak passwords.How to Prevent a Data Breach?
Unfortunately, security in WordPress can’t be improved by simply installing a security plugin. While the information provided by these plugins can be helpful in tracking of what’s going on, installing them not only increases the amount of code on your site, but also grows the potential attack surface for a cyber criminal. It’s known that the security plugins may have vulnerabilities that can be exploited by cyber criminals.
Seravo’s premium hosting for WordPress has protections enabled to prevent brute-force attacks on the login page. Using a strong password is of course of paramount importance, but if you want to improve the security of your site, it is highly recommended to also enable two-factor authentication (2FA) on the login page. Seravo’s Knowledge Base has instructions on how to enable a 2FA plugin on your site.
In addition, you can help in preventing bots from logging into your site by using CAPTCHA on the login page. Instructions for installing the reCaptcha plugin can also be found in the Knowledge Base.
What if My Site’s Data Is Breached?
At Seravo, your site is scanned daily for malicious code indicative of a data breach. Our hosting service also includes a unique Security Guarantee: your site will be cleaned of all malicious code and restored into operation, free of charge. You won’t find anything like this in regular web hosting services!
During a security investigation, the website may need to be shut down to prevent further damage, such as data leaks. In the event of a data breach, you will also need to collect data, such as site logs. As Seravo’s customer, you will receive an initial security report of the data breach. As a premium hosting provider, we will help you collect the necessary data.
WordPress and Denial-of-Service Attacks
Even if your site was hosted on a brand new server with the most powerful and sophisticated hardware, it can be bombarded with an endless amount of HTTP requests in a denial-of-service (DoS) attack. When a website or online service is inaccessible, sharing information and commerce come to a standstill.
What happens in a Denial-of-Service Attack?
If an excessive number of simultaneous requests are sent to the site, the server will be overloaded and is unable to respond to all of them. As a result, the site won’t load to its visitors.
In a typical denial of service attack, this means simultaneous HTTP requests, but the attacks can be carried out by a variety of devices and techniques. All have the same goal, however: to overload the site’s server, its resources, the device, network connection, or any server-related technology to the point where the site becomes inresponsive.
Let’s Fight Together Against Denial-of-Service Attacks
Seravo’s active 24/7 monitoring detects denial of service attacks, minimizing their impact on your site. Seravo’s system experts on-call respond immediately to any suspicious online traffic. The impact of the attacks can be mitigated through a variety of measures, including limiting and blocking traffic from the addresses where the malicious traffic is coming from.
Seravo’s security measures against DoS attacks:
- Load balancing
- Efficient and comprehensive caching solutions
- Detecting and filtering malicious web traffic
We have witnessed large-scale denial of service attacks, affecting several sites at a time. It was discovered that the sites experienced downtime due to these attacks, except for those in Seravo’s hosting. Our hosting solution’s scalability and active monitoring ensures that the impact of these attacks is effectively mitigated. Seravo performs better than your average WordPress hosting solution!
Help, Something Strange Is Happening on My Site!
Don’t worry, it’s good that the problem has been detected. Don’t panic – let cybersecurity experts help you.
- Find out what happened and why. Gather as much information as possible.
- Inform the authorities. Cybercrime should always be reported to the police.
- Let users know what happened. Make sure there is certainty about what happened and why.
If your organisation does not have its own guidelines, you can find further information by reading UpGuard’s resources on how to deal with a data breach. WithSecure also has a 24/7 hotline for cyber security emergencies.
How Can I Improve the Security of WordPress?
The security of your website is improved when it’s hosted by Seravo. We have also put together a helpful article with a list of different security techniques and additional options to improve the security of your site.
We take site security seriously. Every site hosted by Seravo is scanned for malicious code on a daily basis. In addition, we monitor for any disruptions in the sites’ operations. If you notice anything suspicious on your site and your site is hosted by Seravo, you can contact our customer support team (help@seravo.com) at any time.