FHB Logo Facebook LinkedIn Email Pinterest Twitter Instagram Tiktok YouTube Plus Icon Close Icon Navigation Search Icon Navigation Search Icon Arrow Down Icon Video Guide Icon Article Guide Icon Modal Close Icon Guide Search Icon Skip to content
Subscribe
Log In
  • How-To
  • Design
  • Tools & Materials
  • Videos
  • Blogs
  • Forum
  • Magazine
  • Members
  • FHB House
  • Podcast
Log In
Building Business

Contractor Website Security – How to Avoid Getting Hacked

Learn how to keep your website as secure as possible.

By Martin Holsinger

There’s nothing more unsettling than waking up in the morning to find your contracting website has been hacked; It’s alarming to see your website directing readers to inappropriate material, clickbait, or any other link over which you have no control because your website has been hacked.

Recently I had a contractor come to me asking me about the security measures we perform for our website clients as his website had been hacked more than once. I’ve learned a thing or two in the years I’ve been helping contractors, and today I want to give you a few tips on how to keep your website as secure as possible.

Currently, if you have a website and any online presence, it’s not so much a matter of IF your website will come under attack, but WHEN—so here are five tips to ensure you have a rock solid, protected website!

1. Update Your Passwords

This is a very foundational tip, and one that’s important for you to practice across all your online activities—not just your website. Updating your passwords on a regular basis is vital and important for your online safety.

Also, it is highly, highly important that you create indecipherable and unique passwords for each of your accounts. Hackers are primarily able to access accounts through insecure passwords, and passwords created with your first name, last name, or date of birth are very insecure. To make sure your password is strong, use a combination of uppercase/lowercase letters and numbers or symbols such as stars, dollar signs, hyphens, etc.

Lastly, I then recommend that you change your passwords regularly. Twice a year is sufficient, but if you want to be really proactive, change them once a month.

Store your passwords in a secure space such as LastPass, where you can access them, but no one else can!

2. Use WordPress Security Plugins

The second security tip I have for you today (and this is assuming that your websites are built on WordPress) is to use the security plugins built for WordPress.

Here are a couple of WordPress security plugins I recommend:

SUCURi

SUCURi is a powerful WordPress security plugin. It does auditing, malware scanning, and hardening. The plugin developers are constantly updating SUCURi and building it up so that it works better and better every year. There’s a lot of things that I certainly don’t understand about hacking, but having a plugin like this installed in your website will definitely help with checking for malware, spam, blacklisting and other security issues.

Wordfence

The next plugin I want to recommend is called Wordfence security. Wordfence security is pretty simple to understand; it’s an antivirus firewall and malware scan and it constantly runs in the back of your website keeping track of what internet users are doing or trying to do with your site. If something goes wrong in your website, it will be recorded by the plugin.

The developers at Wordfence are continuously analyzing the current threats and developing new detection rules and protection to help stop hacks before they happen.

Brute Force Attempts

I want to encourage you to make sure your security plugins are set in such a way to limit brute force logins to your website. A brute force login is when a hacker will try to login to access your WordPress dashboard by using what are called ‘brute force robots.”

These robots go out to comb the internet, find a WordPress website, and start hitting the login with combinations of usernames and passwords. I mean, we’re talking thousands and thousands of attempts to log in within minutes—possible because it’s all done by robots and not by people. So you can imagine that by just sheer brute force they can eventually figure out what the combination is and get in to the website.

It’s very helpful to have a plugin that will limit brute force attempt. In other words, if you try to log in three times and all three times you fail, the plugin will stop the login option, making it impossible to login. Having that capability built into your website is very important to keeping your website secure from hackers.

3. Use a WordPress Framework With Child Theme

All right, we’re going to move on to our third point; use a child theme framework on WordPress. A WordPress child theme is a website theme that sits on top of a WordPress framework. The child theme takes care of the look and feel of the website, and all the customizations that may have been made. It makes updating your website easier, and there is no risk of losing your customized features.

We use and prefer the Genesis framework from Studio Press. We have used this framework for years, and it’s very, very good, rock solid, and secure. When they were developing Genesis, they brought in one of the core WordPress developers to make sure that the Genesis framework was as secure as possible. With his guidance, they were able to build their framework to follow all WordPress’s best security best practices, and they have continued to do so.

I highly recommend Genesis and a child theme for your WordPress website. Not only is it secure, but it also makes updating your site and your site customization easier.

4. Regularly Update Your Website and Plugins

It’s very important that you update not only your WordPress site, but also your plugins on a regular basis. Hackers often take advantage of vulnerable websites through outdated plugins. The plugin developers will continue to run updates to keep their plugins secure.

Whenever they issue a new update, you should immediately go into your dashboard and update those plugins. This is so important that we’ve included regular updates to all the core codes and plugins of the website as one of the main services we offer in our contractor website maintenance package. It helps keep your website very secure.

5. Secure Your Website Domain Name

Our final tip for this article is to make sure that your website domain name is secure. I’m talking about the SSL certificate at the front of your domain name.

If you go to a website on a desktop and you look at the domain name, it should say (https://). It will not be just “http” because the “http” is not secure and Google is now requiring that all websites have the “s” added. This creates a secure socket layer and makes it obviously harder to hack—better for Google and better for everyone.

This is also something we require of all our contractor website clients as well, and thankfully, secure socket layers are not expensive. They’re also easy to purchase and install. Of course, there are different levels that you can purchase. One level contains a green bar that shows very quickly if a site is secure. It costs a little bit more, but still it’s not too expensive. In my opinion, it’s totally worth it. Securing your domain name is a practical way to protect your website from hackers.

Summary

To keep your website as secure as possible, update your passwords regularly with unique and indecipherable passwords. Install WordPress security plugins to protect your website, and update them every time an update is released. Use the Genesis WordPress Child Theme for a secure, easily customizable website, and ensure that your contracting company’s domain name is secured and approved by Google.

These are just a few simple tips to help you zip up your website and make it secure in the present and as you move forward with building your online presence!

*****

Thank you for joining me today. If you have any further questions or comments, please join the conversation in the comments below.

*****

Follow me on Instagram for behind-the-scenes stuff. And if you want to go deeper with marketing your business, you may get a free copy of my contractor marketing book, Contractor Marketing Simplified.

Sign up for eletters today and get the latest how-to from Fine Homebuilding, plus special offers.

Signing you up...

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
See all newsletters
See all newsletters
×

Get home building tips, offers, and expert advice in your inbox

Signing you up...

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
See all newsletters
See all newsletters

New Feature

Fine Homebuilding Forums

Ask questions, offer advice, and share your work

Log in or create an account to post a comment.

Sign up Log in

Become a member and get full access to FineHomebuilding.com

More Building Business

View All
  • Best Practices for Home-Building Project Communication
  • Healthy Cash-Flow Management
  • Tools for Managing Home-Building Financials
  • How to Hire and Retain Good Tradespeople
View All

Up Next

Video Shorts

Featured Story

Speedy PEX Expander

The M12 ProPEX expander from Milwaukee is the fastest expanding tool.

Featured Video

SawStop's Portable Tablesaw is Bigger and Better Than Before

The 10-in. Jobsite Saw PRO has a wider table, a new dust-control port, and a more versatile fence, along with the same reliable safety mechanism included in all SawStop tablesaws.

Related Stories

  • Lydia Crowder, Drywaller
  • 4 Types of Residential Project Delivery Methods
  • Podcast 596: Members-only Aftershow — The State of Home Building
  • Podcast 595: Members-only Aftershow—Building and Remodeling Contracts

Discussion Forum

Recent Posts and Replies

  • |
  • |
  • |
  • |
  • |
  • |
View More Create Post

Highlights

Fine Homebuilding All Access
Fine Homebuilding Podcast
Tool Tech
Plus, get an extra 20% off with code GIFT20

"I have learned so much thanks to the searchable articles on the FHB website. I can confidently say that I expect to be a life-long subscriber." - M.K.

Get home building tips, offers, and expert advice in your inbox

Signing you up...

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
See all newsletters
See all newsletters

Video

View All Videos
  • Podcast 596: Members-only Aftershow — The State of Home Building
  • Podcast 595: Members-only Aftershow—Building and Remodeling Contracts
  • Podcast 594: PRO TALK with Contractor Andy Steele and Student Jude Griffin
  • Podcast 592: PRO TALK With Insurance Adjuster Josh Zoller
View All

Business

View All Business Articles
  • Podcast 591: Members-only Aftershow—Hidden Costs of Construction
  • Podcast 590: PRO TALK With Operating Engineer Trainer John Klabacka
  • Podcast 588: PRO TALK With FHB House 2023 Builder Jon Beer
  • Podcast 586: PRO TALK With Timber Framer Will Gusakov
View All Business Articles

BOOKS, DVDs, & MERCH

Shop the Store
  • Pretty Good House
    Buy Now
  • 2023 Tool Guide
    Buy Now
  • Code Check Complete 3rd Edition
    Buy Now
  • 2022 Fine Homebuilding Archive
    Buy Now
  • Shop the Store

Fine Homebuilding Magazine

  • Issue 318 - October 2023
    • Make Mudsills Square and Level
    • Turn Up the Heat With Induction Cooktops
    • The Fine Homebuilding Interview: Lloyd Alter
  • Issue 317 - Aug/Sept 2023
    • Finishing Drywall With Seamless Results
    • A Flat Roof in a Cold Climate
    • Compact Cordless Shop Vacs
  • Issue 316 - July 2023
    • Timber-Framed Solar Canopies
    • Build a Transom Above a Stock Door
    • Understanding Toilet Design and Efficiency
  • Issue 315 - June 2023
    • How to Craft a Copper Roof
    • 5 Lessons from Building in a Cold Climate
    • The Advantages of Cellular PVC Siding
  • Issue 314 - April/May 2023
    • 7 Options for Countertops
    • Tool Test: Wood-Boring Bits
    • Critical Details for Ductless Heat Pumps

Fine Homebuilding

Follow

  • YouTube
  • instagram
  • facebook
  • pinterest
  • Tiktok
  • twitter

Newsletter

Get home building tips, offers, and expert advice in your inbox

Signing you up...

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
See all newsletters
See all newsletters

Membership & Magazine

  • Online Archive
  • Start Free Trial
  • Magazine Subscription
  • Magazine Renewal
  • Gift a Subscription
  • Customer Support
  • Privacy Preferences

Taunton Network

  • Green Building Advisor
  • Fine Woodworking
  • Fine Gardening
  • Threads
  • About
  • Contact
  • Advertise
  • Careers
  • Copyright
  • Terms of Use
  • Site Map
  • Do not sell or share my information
  • Privacy Policy
  • Accessibility
  • California Privacy Rights

© 2023 The Taunton Press, Inc. All rights reserved.

X
X
This is a dialog window which overlays the main content of the page. The modal window is a 'site map' of the most critical areas of the site. Pressing the Escape (ESC) button will close the modal and bring you back to where you were on the page.

Main Menu

  • How-To
  • Design
  • Tools & Materials
  • Video
  • Blogs
  • Forum
  • Reader Projects
  • Magazine
  • Members
  • FHB House

Podcasts

  • FHB Podcast
  • ProTalk

Webinars

  • Upcoming and On-Demand

Podcasts

  • FHB Podcast
  • ProTalk

Webinars

  • Upcoming and On-Demand

Popular Topics

  • Kitchens
  • Business
  • Bedrooms
  • Roofs
  • Architecture and Design
  • Green Building
  • Decks
  • Framing
  • Safety
  • Remodeling
  • Bathrooms
  • Windows
  • Tilework
  • Ceilings
  • HVAC

Magazine

  • Current Issue
  • Past Issues
  • Magazine Index
  • Subscribe
  • Online Archive
  • Author Guidelines

All Access

  • Member Home
  • Start Free Trial
  • Gift Membership

Shop the Store

  • Books
  • DVDs
  • Taunton Workshops

More

  • FHB Ambassadors
  • Reader Projects
  • Podcast
  • FHB House
  • Customer Support

Account

  • Log In
  • Join

Newsletter

Get home building tips, offers, and expert advice in your inbox

Signing you up...

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
See all newsletters
See all newsletters

Follow

  • YouTube
  • instagram
  • facebook
  • pinterest
  • Tiktok
  • twitter

Join All Access

Become a member and get instant access to thousands of videos, how-tos, tool reviews, and design features.

Start Your Free Trial

Subscribe

FHB Magazine

Start your subscription today and save up to 70%

Subscribe

We hope you’ve enjoyed your free articles. To keep reading, become a member today.

Get complete site access to expert advice, how-to videos, Code Check, and more, plus the print magazine.

Start your FREE trial

Already a member? Log in