Your website is often how the world, your clients, colleagues and suppliers view you. So why is it when I speak to many clients they are unsure about much of how their website functions or how it is looked after, except “possibly” who the developer is. Knowing the developer is one thing – but sometimes even that information is not readily available – who hosts the domain is another unknown all together!
Have a look at this:
How much are you relying on your web designer to protect your reputation?
Hackers modify online stores’ 404 pages to steal credit cards (bleepingcomputer.com)
Now we come to WordPress…
WordPress is one of, if not, the most popular platform for creating a website – consequently many developers use it, to great success, Octagon does. But there are two things that threat actors like about WordPress, it is so popular, that makes for many possible targets, and it uses plug-ins, which may or may not be written securely or updated regualrly. That is why there are continually headlines like this:
Over 17,000 WordPress sites hacked in Balada Injector attacks last month (bleepingcomputer.com)
This is why you or your cyber security support need to know about your website and domain management and why you need to insist on a certain standard of cyber security from them. We have a checklist for this that we use for our clients – and sometimes the web developers do not want to play! That would say a lot about their service to you!
Clive Catton MSc (Cyber Security) – by-line and other articles


