You are currently viewing Security Friday
Email contact

Security Friday

I’m a big believer in keeping my office network secure by following all update instructions from Netgear, so today my WiFi router was updated to the latest firmware release 1.0.0.122:

Netgear firmware 1.0.0.122
Netgear firmware 1.0.0.122

This update process took maybe 5 minutes of my time and provided a sense of relief that my vendor Netgear continues to take security seriously by providing these free updates.

Apple also prompted me to update my Operating System to High Sierra 10.13.4, so that process took about 45 minutes, half of which was in the background just downloading the file then the other half I had to wait for my MacBook Pro to finish. While waiting I simply swapped to using my iPad and Samsung Note 4 smart phones to make calls, look at the calendar and run my business. I typically wait until outside of business hours to upgrade my laptop Operating System.

High Sierra 10.13.4
High Sierra 10.13.4

WordPress is still the number one Content Management System (CMS) in the world, so that means that it is a target for hackers. My favorite security Plugin for WordPress is called Wordfence, and here’s what the install process looks like after you add the plugin and activate it.

email contact
Click Activate

Click the link to setup Wordfence and then fill in your email address to receive alerts of suspicious activity:

Wordfence email
Wordfence email

I then clicked the link to receive auto-updates:

Wordfence updates
Wordfence updates

Next is Firewall setup, a technique to only allow trusted content to be run on your website:

Wordfence firewall
Wordfence firewall

Using Wordfence will alter something called the .htaccess file, so click the link to download your existing file, just in case you ever want to go back and un-install Wordfence.

Save old .htaccess file
Save old .htaccess file

OK, that’s about it for setup of Wordfence, so just wait for an email message from Wordfence if your site is being targeted by hackers. One of my clients received an email from Wordfence this morning and it listed every malicious file that had been added since 2014, so I was able to quickly remove the added files and then examine a few infected files before removing the added PHP code.

Wordfence all setup
Wordfence all setup

As always, if you have questions about your WordPress website and security, then give me a call, I’d be happy to explain it to you and help keep your site running smoothly.

 

Leave a Reply