If your law firm website or blog uses WordPress as its content management system, please take a look at my latest Slaw column on beefing up security measures around the administration login area. WordPress is our preferred development platform here at Stem, so I’ve tried to outline some of the steps we take when setting up a new website.
It should be said that every website is susceptible to a hacking attack to some degree, and vulnerability often depends on the determination of the individual hacker. The measures suggested here are much more about protecting your website against automated password testing, or scripted attacks. Taking these precautions, along with adding the recommended modules, can help guard against these attacks — and conceivably save your firm a few headaches.
On the SEO side, the column recommends monitoring your website’s status in Google Webmaster Tools; and how Google can help confirm if a hacking attack has taken place. It also discusses the fallout of recovering from temporary search ranking penalties, which may be applied to your domain.
We’d much rather see firms market their websites than be forced to recover from a hacking attack. Frankly, it’s a huge waste of everyone’s time… So please, be cautious about using WordPress out-of-the-box, and pass along these tips — they should take less than an hour to put into place.