Is my website secure?

Security by Nick Youngson CC BY-SA 3.0 Alpha Stock Images

No. Anyone who tells you yes, is cheating you, plain and simple.

Your website may be quite secure or very secure, but totally secure is no website, not even the Pentagon or CIA website.

I can help you to make it more secure and that in case of problems, the consequences are null or as minor as possible, I would be lying if I assured you that from now on your website would be totally secure, I would be deceiving you or at least not telling the truth.

Every day Google adds more than 10,000 websites to its blacklists because they contain malware and adds more than 50,000 a week for phishing.

Considering that around 70% of WordPress installations are prone to being hacked, you need to keep your security up to date.

Hackers are not interested in my website

True, they are not interested in your website as such (or maybe they are). What they are interested in is a place from which to attack other websites, send emails using your server mail services, distribute viruses and malware, insert code in your pages to generate links to other websites while your page loses reputation and positioning and so many other options. Therefore, they are not looking for your specific website, but for an online, accessible and vulnerable website.

But nobody is going to look for my specific website, because it hardly appears in the search engines.

It is also true (or it may appear in the first positions if you have worked with a good expert), but I am sorry to tell you that hackers do not work like that, looking for a website or company and then looking how to attack it, except in very specific cases and focused on a target. Hackers launch bots to look for thousands of vulnerable sites, regardless of whether the site has 100 hits or 1 million. Hackers look for a website with version X of plugin Y that is vulnerable to a certain attack. Because their purpose is to insert 100 new hidden links on your website, or they are looking for a website with certain vulnerabilities to take advantage of your SMTP server and send thousands of Spam emails from your server.

Now you know that your website is not and will not be totally secure, but the more you do to secure it, the less risk you run. You know your house isn’t totally safe either, but that doesn’t mean you leave the front door wide open, unless you live in the Heidi Mountains, and the internet isn’t that Swiss Alpine village of Johanna Spyri.

By Rudolf Münger, upload by Adrian Michael – “Heidi”, Racher-Verlag 1952, CC BY 2.5,

Now you also know that your company or your personal web page has no specific interest for the hacker on duty; but that he has it as a means to achieve his ends and that along the way he will damage your reputation, positioning, credibility and can make you lose a lot of money and time.

In the next two posts I will tell you a little more about what you can do about it.

P.S.: Second article: WordPress security in three levels.

Third article: WordPress security from Cloudflare.

Join my superlist ;)

I won't share your details with anyone or bombard you with emails, only when I publish a new post or when I have something interesting to share with you.

Leave a Comment