At a glance

Quick summary

  • Free download: Disaster Recovery for Business Websites — An Interactive Worksheet
  • Free SiteAudit: Get a checkup for your website
  • Statistic: How many small business websites are hacked (it’s more than you’d think)
  • Risks: The risks you take if you’re hit with a cyber attack
  • How to prepare: Seven top tips for preventing / preparing for a hack

Don’t think a hack will happen to your WordPress website?

  • Unfortunately, that’s not a safe assumption.
  • On average, there are between 60 million and 80 million cyber attacks around the globe every day (Live Cyber Threat Map). And, among those attacks, 30,000 websites are hacked daily (Techjury).
  • Even more damning, 64% of companies worldwide have experienced at least one form of cyber attack (Techjury).
  • And, while lots of small business think that attackers won’t come after them, 31% of targeted attacks focus on businesses with fewer than 250 employees (Ontech Systems, Inc.).

Risks to your business


  • The biggest risk you take with a cyber attack is a major hit to your reputation.
  • If folks think they’re not safe by doing business with you, they’ll never buy. And, they’ll tell others to avoid you as well.

Search engine blacklist

  • To add insult to injury, you run the risk of winding up on a search engine blacklist.
  • If this happens, search engines will penalize you in results.
  • And, any traffic that actually sees your site in results will see that you’ve been hacked, making them much less likely to click, let alone fork over their credit card info.
Screenshot of blacklisted Google search results
Screenshot of blacklisted Google search results

Email address blacklist

  • Your entire domain could be blacklisted, meaning all emails from will wind up in spam automatically.
  • Undoing this will

Money and time

When you combine all of this, recovering from an attack could cost you a ton of money and time.

How to prevent / prepare for a cyber attack

Here are seven simple steps I recommend you follow to prevent / prepare for a cyber attack:

Step 1. Prepare a Disaster Recovery Worksheet

  • Our free Disaster Recovery Worksheet (link below) is an excellent tool to have handy in case of a disaster
  • It’s a form for you to fill out with space to document all of the information that’s critical to quickly recovering from a cyber attack
  • So, if you’re hit by a cyber-attack, you have everything in one place already
  • It’s totally free!

Step 2. Stop using ‘admin’ and ‘administrator’ in your usernames

  • This is super common, and it’s also super easy to fix!
  • Lots of folks use either ‘admin’ or ‘administrator’ in their website usernames, and hackers know this
  • So, if they’re trying to get into your site, it’s best to not give them half of the combination to the safe.
  • If your site is configured like this, it’s time to change it!
  • You can use your name, or your business name, or anything else that makes sense to you. Just don’t use ‘admin’ or ‘administrator’.
  • Here’s a free plugin that will allow you to change usernames on your site:

This plugin is a bit out of date, but I’ve used it recently and it still works!

Step 3. Set high-quality passwords

  • Here’s a quick guide from XKCD on creating better, stronger passwords.
  • Use this method when creating passwords for your accounts, especially admin-level accounts
XKCD infographic for creating better passwords
XKCD infographic for creating better passwords

Step 4. Ensure your site is backed up twice daily

You need to take two backups every single day. Confirm that you have the following backups set up:

Backup #1

  • Most hosting providers (e.g., SiteGround, Cloudways, etc.) take automatic backups
  • But! Don’t assume that yours does.
  • Head over to your hosting account and verify that your site is being backed up once a day

Backup #2

  • For your second backup, there are lots of tools you can choose from
  • Wordfence, All in One WP Security & Firewall, and Jetpack are all great tools to consider!
  • But, if you subscribe to SiteCare (link for more info is below), not only will you get access to secure, daily backups, you’ll also get a suite of tools that help keep your site in tip-top shape.

Step 5. Ensure your backups are stored in separate locations

Check out this article for details about storing backups in separate locations:

Step 6. Install a security plugin

  • Finally, installing a security plugin on your site will help keep most hackers at bay
  • If you sign up for SiteCare (link below), you’ll have access to our incredible security plugin called Defender Pro.
  • Hackers, brute forcers, and malicious bots are no match for Defender Pro’s mighty WordPress security shields and cloaking technology!

There’s no security tool out there that will prevent 100% of attacks. Security tools are like vaccines: You have to know about the virus before you can create a vaccine to prevent it.

Step 7. Get a free checkup for your WordPress site

If you’d like a pro to perform a checkup on your site — for free — we’d love to help!

Sign up for a SiteAudit (link below) and we’ll audit 21 key areas to make sure your site is performing its best.

Others? Questions?

Any thoughts or questions? Anything with which you disagree? Anything I missed?

Leave a comment below and let me know!