How to Protect Your WordPress Site from Malware
Each year the damages from computer malware cost US businesses billions of dollars. These costs are not only in lost productivity, but permanent loss of critical business data. Arguably, most if not all infections are preventable with the proper understanding, training and protection. Don’t be the next victim, take the steps now to ensure protection and recovery if the worst should happen.
First, let’s understand computer malware. Often the term virus is used to describe all malware. Technically speaking, there are viruses, rootkits, Trojan horses, worms and spyware. The attack method may differ but they are all malicious.
- A virus is a program that runs itself and replicates itself. It can affect files or the boot sector and can delete all your data. The “Melissa” and “I Love You” viruses gained global attention.
- A rootkit or Trojan horse allows access to your system without your knowledge. Often they look like a useful piece of software but in fact they are back or trap doors.
- A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes. Once on the system, worms do not need to attach to another program and can run themselves. Worms cause a denial of service attack making the network unusable. In general, worms target the network and viruses attack files.
- Spyware is computer software that is installed on a personal computer to intercept or take control of the PC. Spyware can hijack a computer and cause serious problems by gathering and transmitting personal data, loading undesirable software or redirecting browsers to malicious sites.
Protecting Your WordPress Site from Malware
There are several ways to protect your WordPress System from various Malware. Here are some quick tips:
- Have a good backup, just in case you need to restore
- Use a firewall for protection.
- Keep your system updated with the latest security patches
- Install and update anti-virus and anti-spyware software (see below for choices)
- Do not open email from anonymous, unknown or suspicious sources
- Do not download files or software from anonymous, unknown or suspicious sources
- Do not navigate to suspicious or promiscuous websites
- Regularly scan your system for malware (see below for choices)
- Worth repeating – be sure that you have a good backup so that you can restore your full system if needed
- If you think you have been attacked, act quickly to isolate the infected computer and remove the malware.
Anti-Virus and Malware Protection
You can purchase anti-virus and malware protection or there are many free versions for home users. For anti-virus, AVG, Avast and others have free versions. For corporate anti-virus, we use Symantec Endpoint. For malware, we like Malwarebytes (personal or corporate edition) and Advanced System Care. With so many choices if you like one better, use it. The important point is that you have to have malware/virus protection.
Use a three prong approach to keep your system safe: educate, protect, monitor. Try to understand the types of threats to your computer. The more educated and informed, the better you can protect your system. Monitor for threats and scan your system often. If it looks suspicious, don’t open the email, go to the site or download the file or software.
Please be watchful of the sites you visit, the software you download and the email you open as the threats to your system change daily.