
WordPress Security 101 – Endpoint Security And Disaster Preparedness


Continued from part 4

Setting up a secure password for your admin dashboard sets you on the right track to robust WordPress security. But one smart tactic, or a combination of tweaks and plugins, won’t get you far.

You need to have a security strategy that not only oversees most attack vectors but also allows you to mitigate damage and restore your site quickly in the event of an accidental data loss, breach or a hijack.

Endpoint Security

Securing your WordPress blog requires more than just watertight backend protection, timely updates of the WordPress core and plugins, or an internal monitoring system. One of the frequently overlooked breach points in your blog’s security perimeter is your endpoint device.

WordPress makes it possible to access your admin dashboard from many devices such as computers, laptops, smartphones, and tablets. Losing any of the devices you use to access your blog, or having them hacked, means exposing your blog to great risks.

So you need to exercise appropriate precautions and account for endpoint security.

Endpoint Security Tips:

  • Secure your devices with a strong PIN or password and, if possible, enable two-factor authentication, such as biometric ID, to unlock them.
  • Set your devices to auto-lock after a set time on idle.
  • Don’t access your WordPress backend from public computers, as these are often riddled with spyware and keyloggers. Likewise, their browsers can be configured to automatically store your login credentials, in which case you’d be giving away your login details to every stranger who uses the computer after you.
  • Don’t check your email from public computers, either, for the same reasons. Your email is vital to your WordPress security – anyone gaining access to it could reset your WordPress password.
  • Do not access your WordPress admin dashboard or your email from public Wi-Fi hotspots, unless you are using a trusted Virtual Private Network (VPN) with robust encryption and the OpenVPN protocol.
  • Only install apps and games on your smartphone from the official app store.

Disaster Preparedness

Hope for the best but prepare for the worst. Assume that, even with the latest updates and the best of manual tweaks, there is a vulnerability that escaped your scrutiny.

When the worst happens, do you have the backups to fall back to, or do you know where they are? Are they even current? How long will your blog be down while you mitigate the damage? What if your hosting provider goes out of business suddenly? Or you just lose data by accident?

When you know the answers to all these questions, you have a security strategy.

Disaster Preparedness Tips:

  • Have a plan. Break down the huge task of restoring your blog from a hack/accident/act of God into smaller, digestible chunks.
  • Consider having a failover service that would redirect your traffic while your blog is down.
  • Have a temporary notification page you can display to your readers telling them that you won’t be down for long.
  • Be ready to start and restart your blog’s services, such as your database and web service, if needed.

WordPress Backups

Without a current backup on hand, you’ll have to clean your blog manually or pay someone to do it for you. On the other hand, if your web hosting gets compromised, there’s little you can do but move to another hosting service. In this case, a current backup is also crucial. An ideal backup tactic would be to combine several backup storage locations so that if one location gets compromised, you can always use the alternative source.

Likewise, backups should be incremental and automatic. When your backups are current and readily available, you can restore your data and re-deploy your blog almost immediately, with minimum downtime. Conversely, a slow recovery from a hack could have a negative SEO impact on your blog’s rankings, organic search traffic, and revenue.

Backup Tips:

  • Have a plan and a step-by-step “note to self” on where your backups are, and how to restore them quickly.
  • Automate your backups. Manual backups aren’t reliable, as you will inevitably forget to back up at some point.
  • Schedule backups to run during hours with the lowest traffic since backups can consume a lot of system resources.
  • Check up on your scheduled backups. If you run out of storage space, backups could fail. A gazillion other things could cause a backup failure, so be vigilant.
  • Have incremental backups (daily, weekly, and monthly) that you can fall back on in case disaster happens. There are too many unknowns in a disaster equation, and having ample backups to restore from is key to minimizing downtime.
  • Have multiple backups stored in various places such as with your web host and a secondary service, or even locally on your hard drive or external drive.
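
One way to "check up on your scheduled backups" across several storage locations, as an added example that is not part of the original article. It assumes each location is a local or mounted directory of `*.tar.gz` archives; the function names and thresholds are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes each backup location is a directory of *.tar.gz files.

# Print the most recently modified *.tar.gz in DIR (nothing if there is none).
newest_backup() {
    newest=""
    for f in "$1"/*.tar.gz; do
        [ -e "$f" ] || continue
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then newest=$f; fi
    done
    printf '%s' "$newest"
}

# check_backup_dir DIR MAX_AGE_MIN MIN_FREE_KB
# Returns 0 = healthy, 1 = no backup found, 2 = newest backup too old,
#         3 = archive unreadable or truncated, 4 = low free space.
check_backup_dir() {
    dir=$1; max_age_min=$2; min_free_kb=$3
    latest=$(newest_backup "$dir")
    [ -n "$latest" ] || return 1
    # find prints the file only if it changed within the last MAX_AGE_MIN minutes
    [ -n "$(find "$latest" -mmin "-$max_age_min" 2>/dev/null)" ] || return 2
    # A backup that cannot be listed cannot be restored
    gzip -t "$latest" 2>/dev/null || return 3
    tar -tzf "$latest" >/dev/null 2>&1 || return 3
    # Free space (KB) on the filesystem holding the backups
    free_kb=$(df -Pk "$dir" | awk 'NR==2 {print $4}')
    [ "$free_kb" -ge "$min_free_kb" ] || return 4
    return 0
}

# check_all MAX_AGE_MIN MIN_FREE_KB DIR...
# Checks every location; the return code is the number of failing locations.
check_all() {
    max_age=$1; min_free=$2; shift 2
    failed=0
    for d in "$@"; do
        rc=0
        check_backup_dir "$d" "$max_age" "$min_free" || rc=$?
        if [ "$rc" -eq 0 ]; then
            echo "OK       $d"
        else
            echo "FAIL($rc)  $d"
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}
```

Run `check_all` from the same scheduler that produces the backups and alert on a non-zero return code, so a silent backup failure is noticed before a restore is needed.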

Backup Options:

  • Most web hosting providers offer native backup solutions. Use that as a secondary backup storage. Note that, with some providers, you may need to set up your backups manually, especially with the Virtual Private Server systems (VPS).
  • Cloud-based backups are efficient since they can be automated and convenient to restore from, especially with the native WordPress cloud backups available as a part of the WordPress Security plugin.
  • Internal monitoring systems like Sucuri and Wordfence also let you set up and manage your backups.

Wrapping Up

The WordPress threat landscape is continuously changing, so you need to stay on top of security best practices, expert findings, patch releases, and community discussions. In other words, be proactive, not reactive.

By securing your blog properly, you will be able to develop a solid reputation, build traffic faster and avoid costs associated with site cleaning and recovery after a hack.

That’s it. Hope this helps.

By Alex Grant
