Your computer security
One of the main WordPress site security factors is your computer security. More specifically, protection of the computer or computers which you use to manage your WordPress site and its hosting server. Computer infected with any malware could cause a severe threat to your data and as mentioned to your WordPress site or sites. It means your computer security equals your WordPress security.
A hacker could exploit your computer in various ways, and there are a lot of different types of malware that could help them. Adware, bots, ransomware, rootkits, spyware, Trojan horses, viruses, worms and more. Any uncertain software could get you a massive headache and a bunch of problems.
Sensitive data and what you need to protect the most
What is the sensitive data? Sensitive data is any data that includes personal, financial or other information that could be used to steal your identity, connect to your bank accounts, email boxes, websites and more. To protect your WordPress site or sites, you should keep related data safely.
Do not store any login data like passwords or FTP credentials, MySQL server passwords on your computer in plain text files. These files could be scanned by malware if your computer security compromised and it is now infected.
By the way, if you’re using any FTP client software on your computer make sure it stores login data of FTP accounts on encrypted file. Some of the FTP clients store this data in simple text files. It could cause risk to your FTP account security.
Same applies to email clients if they save emails on unencrypted archive files and emails scanned by malware could expose sensitive login data.
Computer malware types and hazards
OK, let’s look at the list of the most common computer malware types.
- Adware – this kind of malware is designed to show you ads. A lot of ads, and not necessarily on your browser. Adware is not intended to do direct damage, but it can be used to download other more dangerous malicious software to your computer.
- Bots – you probably heard something about botnets. A botnet is a group of computers infected with the same bot type malware. Bots are designed to exploit computer resources for various tasks. Your computer could be involved in spamming, distributed Denial-of-Service attacks and other malicious activity.
- Ransomware – a nasty type of malware that could encrypt all files on your computer and demand ransom for the decryption key. Well, it could make a huge impact on your business and everyday stuff. Just think about a computer that you used for software development, and all files are encrypted without any chance to get them back without paying ransom.
- Rootkit – is a piece of software used to access your computer by network unattended. An attacker can exploit your computer in various ways and get all the data stored on it.
- Spyware – makes a lot of nasty things. It can harvest all the information about your activity. For example keystrokes, login information, browsing history and way more.
- Trojan Horse – well, the name says everything. Trojan Horse or just Trojan is a type of malware that pretends to be a friendly one, but actually, it tricks you to download other malicious software. Be careful downloading software from unreliable websites.
- Virus – viruses are capable of copying themselves and attaching the copied version to other files. They can write a copy of themselves to the removable media like USB memory keys, email attachments or spread over the computer network and even through web applications by Cross-Site Scripting method. Beside those sophisticated spreading methods, viruses can do any damage by stealing or corrupting computer data. Also, they could exploit your computer for DDoS attacks and way more.
- Worm – this type of malware is more focused on computer networks. It is capable of looking up computer networks for connected computers and infects them using security flaws, for example, vulnerable outdated software. Worms are like viruses, but they don’t need any user interaction like opening the infected program file, worms are autonomous.
- Keylogger – this type of malware is designed to register all activity of your keyboard and send this data to an attacker. There is no chance to protect your passwords if you’re typing them with a keyboard instead of using any password management software.
Now you can see that there are various types of malware and all these malware types are dangerous enough. Your computer security is like the first line of defense. It’s crucial to keep your computer security at a high level and safe from any malicious software to keep your WordPress sites safe as well.
Computer security tips
To avoid malicious software you need to follow specific rules. It will reduce the chances of infecting your computer with computer malware.
- Do not install any software downloaded from torrent sites, especially software that requires additional software like cracks, keygens, emulators, patches or loaders. Illegally distributed software mostly has a malicious code injected. This malicious code could exploit your computer independently or download the additional malware unattended.
- Keep your computer software up to date. It is critical to update your operating system (for example Windows or MacOS). The same applies to other software like web browsers, FTP clients and security programs like antivirus or firewall software.
- Keep your hardware up to date. Yes, you have read that right. It’s highly recommended to keep your network equipment like routers, modems and other stuff that connects to the internet up to date. You would not believe, but your router could be hacked due to outdated firmware.
- You need to be careful with your emails. It doesn’t matter if you use online email clients like Gmail, or you have an email client program installed on your computer. The first rule is to avoid to open suspicious attachments. When we say suspicious, we mean executable files (exe, bat, com, reg, bin and more) and compressed archive files (zip, rar, tar, gz and more). Do not open any attachments sent to you by unknown senders, even the simplest Microsoft Office Word or Exel files could be modified to transfer malicious software code to your computer. The second rule – do not press suspicious links or links sent to you by unknown senders. Just ignore them.
- Do not use publicly available computers like those in Internet cafes to log into your WordPress or other accounts. Anyway if you need to do it, we would recommend you to use additional security measures like 2FA (Two-Factor Authentication) for your WordPress login page or Gmail account.
- Please use only strong passwords for all your accounts and even for your computer user account. Strong passwords are hard to pick up or guess. Do not use the same passwords for more than one account.
- We highly recommend to use antivirus, firewall and antimalware software made by well-known companies to make your computer more secure.
- Do not keep sensitive data like passwords on your computer in simple text files or other files that could be scanned by malicious software.
- Do not connect suspicious USB memory keys, external hard drives, memory cards, and do not run suspicious CD/DVDs if you’re not 100% sure that they are safe to load.
- If you noticed the unusual behavior of your computer it might be signs of malware activity. You might see a huge performance drop, overloaded hard disc, strange tasks in task manager, popups with ads or high data traffic. You need to disconnect the computer from the internet (physically). Change the passwords on the important accounts from the other computer or smartphone as soon as it is possible. Take further actions to check and clean your computer. Keep in mind that all removable media might be infected as well.