Do you lock the door to your office when you leave it? If someone said your keys had been copied would you change the locks? If we consider your website is like an office where it is openly published that the keys have been copied on a regular basis – then it makes sense to change the locks there as well. If we can agree with that then you’ll like these simple to follow 7 steps to avoid a real estate WordPress® hack

If you have a real estate WordPress® website it’s time to take this as seriously as protecting the other things in your life; You protect your business premises, your vehicles, your office equipment and your computers and it’s time to include your Real Estate WorPpress® Website more than you might think.

What Happens When You Get Hacked

Sometimes it’s not apparent. This is the most insidious hack. What they do is use your database and server space for themselves. We’ve seen hard core adult material being served from a victim’s server – racking up bandwidth and slowing down their legit site. This is like having someone hiding in your office and making long distance calls and ordering from Ebay behind your back.

If you are lucky you will see the hack or be told by a prospect about a security warning they got upon visiting your website. Most hacks come with malware and you will be listed with Google as a site that hosts maleware and put in Google jail until you can fix it. Your hosting company will often shut your site down. You will lose search engine ranking, you will lose a lot of time and you will lose integrity from prospects and clients – especially lead generation sites that allow clients to log in with credentials. Your wide open website can and will affect others.

7 Steps to Avoid a Real Estate WordPress® Hack

WordPress® hacks are very common now, more then just a few years ago. When it happens, panicked website owners call their hosting provider to help solve the problem.  Unfortunately hosting companies don’t normally provide this sort of service and will in fact shut your website down if they suspect you are a danger to their server – because it’s your website and you got infected. After all, you are only renting space on their server and you were irresponsible with that space.

The website developer will be able to help fix the problem and hopefully you have a monthly maintenance package with them. The best bet is to find a company who will not only host but help secure, maintain and clean you compromised site . We offer this with all our hosted real estate WordPress® websites and these are some basic things that we do to help keep the hackers at bay.

1. keep your WordPress® version up to date.

You would think this is a no brainer, its not. Do it keep it up to date. When you get that email saying a new version of WordPress® is available. UPDATE! Its likely got a fix for a known vulnerability. This will save your ass. Especially now that the known vulnerability is known to everyone.

2. Keep all your plugins up to date and delete ones you’re not using. 

Almost all plugins are created by 3rd parties to access your website and add functionality. They are like apps on your phone. You will have at least one plugin – your IDX feed. An off-the-shelf WordPress® install is fairly bare bones and a real estate website is complicated, chances are you have many more plugins than you might think. There might be plugins not being used anymore… delete them. You don’t need them sitting there inviting hackers to play with your WordPress® back-end. Keep all the plugins you use up to date and smelling fresh.

3. Delete any themes you’re not using.

Even if it’s a custom designed site, the design of your site relies on themes to manage the look and feel. WordPress® comes with a few themes of it’s own and there may be more themes you tested out and though, yuck. You don’t need them and they also can be a way in for hackers. Only keep the theme you are using and it’s associated child theme.

4. Keep your theme up to date.

If you have a theme thats is never updated from time to time then it’s time to find a new one. This is a very common way hackers can bust into your site. Updating the WordPress® version is not enough – the theme needs to be updated as well. You want to stay with a theme that updates.

5. Wordfence.

Install it ( its free) and run regular scans. Its a serious life saver.

6. Find Good tech support. 

If you’re looking for $6, $8 or $10 a month hosting, they are not going to help you if you get hacked and rightly so. Don’t learn this the hard way. It is an unreasonable expectation to think your hosting company should sort out whats going on, consult and offer guidance on how to handle it moving forward and in some cases actually help you fix the issue for this kind of monthly payment. Hosting companies that offer this sort of assistance cost more. Often the website developer has a maintenance package.

7. Change your passwords.

You have to change your passwords to something hard to break. Do not use anything with words in it, make it a mix of special characters and capitals and it should be long. I know, how will you ever remember it? You wont. Write it down, use a password manager and suck it up. Hacking through a password is easy.

None of this will guarantee you won’t get hacked but these are some of the better WordPress® practices you can employ as a good step forward. Its better to take the precautions than to pick up the frustrating pieces of being WordPress® hacked.

Did I miss something? Let me know.


Author Paul

More posts by Paul

Leave a Reply