FHB Logo Facebook LinkedIn Email Pinterest Twitter Instagram Plus Icon Close Icon Navigation Search Icon Arrow Down Icon Video Guide Icon Article Guide Icon Modal Close Icon Guide Search Icon Skip to content
Main Menu
Subscribe

In every issue you'll find...

  • Expert insights on techniques and principles
  • Unbiased tool reviews
  • Step-by-step details to master the job
  • Field-tested advice and know-how
Subscribe Now!
Subscribe
  • How-To
  • Design
  • Tools & Materials
  • Videos
  • Blogs
  • Forum
  • Magazine
  • Members
  • FHB House
  • Podcast
  • Join
  • Log In
Main Menu Subscribe
Building Business

Contractor Website Security – How to Avoid Getting Hacked

Learn how to keep your website as secure as possible.

By Martin Holsinger
Article Image

There’s nothing more unsettling than waking up in the morning to find your contracting website has been hacked; It’s alarming to see your website directing readers to inappropriate material, clickbait, or any other link over which you have no control because your website has been hacked.

Recently I had a contractor come to me asking me about the security measures we perform for our website clients as his website had been hacked more than once. I’ve learned a thing or two in the years I’ve been helping contractors, and today I want to give you a few tips on how to keep your website as secure as possible.

Currently, if you have a website and any online presence, it’s not so much a matter of IF your website will come under attack, but WHEN—so here are five tips to ensure you have a rock solid, protected website!

1. Update Your Passwords

This is a very foundational tip, and one that’s important for you to practice across all your online activities—not just your website. Updating your passwords on a regular basis is vital and important for your online safety.

Also, it is highly, highly important that you create indecipherable and unique passwords for each of your accounts. Hackers are primarily able to access accounts through insecure passwords, and passwords created with your first name, last name, or date of birth are very insecure. To make sure your password is strong, use a combination of uppercase/lowercase letters and numbers or symbols such as stars, dollar signs, hyphens, etc.

Lastly, I then recommend that you change your passwords regularly. Twice a year is sufficient, but if you want to be really proactive, change them once a month.

Store your passwords in a secure space such as LastPass, where you can access them, but no one else can!

2. Use WordPress Security Plugins

The second security tip I have for you today (and this is assuming that your websites are built on WordPress) is to use the security plugins built for WordPress.

Here are a couple of WordPress security plugins I recommend:

SUCURi

SUCURi is a powerful WordPress security plugin. It does auditing, malware scanning, and hardening. The plugin developers are constantly updating SUCURi and building it up so that it works better and better every year. There’s a lot of things that I certainly don’t understand about hacking, but having a plugin like this installed in your website will definitely help with checking for malware, spam, blacklisting and other security issues.

Wordfence

The next plugin I want to recommend is called Wordfence security. Wordfence security is pretty simple to understand; it’s an antivirus firewall and malware scan and it constantly runs in the back of your website keeping track of what internet users are doing or trying to do with your site. If something goes wrong in your website, it will be recorded by the plugin.

The developers at Wordfence are continuously analyzing the current threats and developing new detection rules and protection to help stop hacks before they happen.

Brute Force Attempts

I want to encourage you to make sure your security plugins are set in such a way to limit brute force logins to your website. A brute force login is when a hacker will try to login to access your WordPress dashboard by using what are called ‘brute force robots.”

These robots go out to comb the internet, find a WordPress website, and start hitting the login with combinations of usernames and passwords. I mean, we’re talking thousands and thousands of attempts to log in within minutes—possible because it’s all done by robots and not by people. So you can imagine that by just sheer brute force they can eventually figure out what the combination is and get in to the website.

It’s very helpful to have a plugin that will limit brute force attempt. In other words, if you try to log in three times and all three times you fail, the plugin will stop the login option, making it impossible to login. Having that capability built into your website is very important to keeping your website secure from hackers.

3. Use a WordPress Framework With Child Theme

All right, we’re going to move on to our third point; use a child theme framework on WordPress. A WordPress child theme is a website theme that sits on top of a WordPress framework. The child theme takes care of the look and feel of the website, and all the customizations that may have been made. It makes updating your website easier, and there is no risk of losing your customized features.

We use and prefer the Genesis framework from Studio Press. We have used this framework for years, and it’s very, very good, rock solid, and secure. When they were developing Genesis, they brought in one of the core WordPress developers to make sure that the Genesis framework was as secure as possible. With his guidance, they were able to build their framework to follow all WordPress’s best security best practices, and they have continued to do so.

I highly recommend Genesis and a child theme for your WordPress website. Not only is it secure, but it also makes updating your site and your site customization easier.

4. Regularly Update Your Website and Plugins

It’s very important that you update not only your WordPress site, but also your plugins on a regular basis. Hackers often take advantage of vulnerable websites through outdated plugins. The plugin developers will continue to run updates to keep their plugins secure.

Whenever they issue a new update, you should immediately go into your dashboard and update those plugins. This is so important that we’ve included regular updates to all the core codes and plugins of the website as one of the main services we offer in our contractor website maintenance package. It helps keep your website very secure.

5. Secure Your Website Domain Name

Our final tip for this article is to make sure that your website domain name is secure. I’m talking about the SSL certificate at the front of your domain name.

If you go to a website on a desktop and you look at the domain name, it should say (https://). It will not be just “http” because the “http” is not secure and Google is now requiring that all websites have the “s” added. This creates a secure socket layer and makes it obviously harder to hack—better for Google and better for everyone.

This is also something we require of all our contractor website clients as well, and thankfully, secure socket layers are not expensive. They’re also easy to purchase and install. Of course, there are different levels that you can purchase. One level contains a green bar that shows very quickly if a site is secure. It costs a little bit more, but still it’s not too expensive. In my opinion, it’s totally worth it. Securing your domain name is a practical way to protect your website from hackers.

Summary

To keep your website as secure as possible, update your passwords regularly with unique and indecipherable passwords. Install WordPress security plugins to protect your website, and update them every time an update is released. Use the Genesis WordPress Child Theme for a secure, easily customizable website, and ensure that your contracting company’s domain name is secured and approved by Google.

These are just a few simple tips to help you zip up your website and make it secure in the present and as you move forward with building your online presence!

*****

Thank you for joining me today. If you have any further questions or comments, please join the conversation in the comments below.

*****

Follow me on Instagram for behind-the-scenes stuff. And if you want to go deeper with marketing your business, you may get a free copy of my contractor marketing book, Contractor Marketing Simplified.

Sign up for eletters today and get the latest how-to from Fine Homebuilding, plus special offers.

Sign Up

Get home building tips, offers, and expert advice in your inbox

×
X
X

New Feature

Fine Homebuilding Forums

Ask questions, offer advice, and share your work

Log in or create an account to post a comment.

Sign up Log in

Become a member and get full access to FineHomebuilding.com

More Building Business

View All
  • Marketing in Place

  • Check Construction Estimate Profit First for Contractors

    Checking Your Construction Estimate

  • Top 4 Things We Learned in 2018

  • 7 Benefits of Paid Online Ads

View All

Up Next

Featured Story

Myron stands in a room under construction with text on screen saying Drywall Hanging the Ceiling Recap

Hang Drywall on the Ceiling the Right Way

Follow along as Myron explains how to make straight seams and accurate holes for electrical boxes when hanging ceilings.

Featured Video

A Modern California Home Wrapped in Rockwool Insulation for Energy Efficiency and Fire Resistance

The designer and builder of the 2018 Fine Homebuilding House detail why they chose mineral-wool batts and high-density boards for all of their insulation needs.

Related Stories

  • The Fine Homebuilding Interview: Matt Risinger

  • Brad Stoppenhagen, Remodeler

  • Podcast 329: PRO TALK With Modular-Home Builder Jason Webster

  • Big Takeaways From Presentations at the Builders' Show

Discussion Forum

Recent Posts and Replies

  • |
  • |
  • |
  • |
  • |
  • |
View More Create Post

Highlights

  • Fine Homebuilding All Access
  • Fine Homebuilding Podcast
  • Tool Tech

    Plus, get an extra 20% off with code GIFT20

  • "I have learned so much thanks to the searchable articles on the FHB website. I can confidently say that I expect to be a life-long subscriber." - M.K.

    Get home building tips, offers, and expert advice in your inbox

    Sign Up See all newsletters

Video

View All
  • Fine Homebuilding Podcast 329: PRO TALK With Jason Webster

    Podcast 329: PRO TALK With Modular-Home Builder Jason Webster

  • Podcast Episode 170: Is There Really a Skilled-Trade Gap?

  • Podcast Episode 163: Live from the Builder's Show: Home Depot’s Pro Services and Advancements in Cordless Tools

  • Why I Build: Brent Kelosky, Wood-Flooring Specialist

View All

Business

View All
  • The Fine Homebuilding Interview: Matt Risinger

    The Fine Homebuilding Interview: Matt Risinger

  • Brad Stoppenhagen, Remodeler

    Brad Stoppenhagen, Remodeler

  • Mike Rowe

    Big Takeaways From Presentations at the Builders' Show

  • illustration of window framing house

    Third-Day at IBSx: Pure Learning

View All

BOOKS, DVDs, & MERCH

Shop the Store
  • Fine Homebuilding Magazine Slipcase

    Buy Now
  • Musings of an Energy Nerd

    Buy Now
  • 2020 Fine Homebuilding Archive

    Buy Now
  • Code Check Building 4th Edition

    Buy Now
  • Shop the Store

Fine Homebuilding Magazine

  • Issue 298 - April/May 2021

    • Butt Boards for Smooth Ceilings
    • Help Installing Gutters
    • Safety Bucket
  • Issue 297 - Feb/Mar 2021

    • Foundations for Success
    • Staircase Renovation
    • Ditch the Hose
  • Issue 296 - Dec 2020/Jan 2021

    • Insulating Glass Keeps Getting Better
    • Simple Way to Make Old Walls Straight and Plumb
    • Making Sense of Minisplits
  • Issue 295 - Kitchens & Baths

    • Condo Kitchen Reimagined
    • Row-House Remodel
    • Rise of the IAQ Monitor
  • Issue 294 - Oct/Nov 2020

    • Schoolhouse Reimagined
    • Tool Test: Folding Sawhorses
    • A Better Way to Build Tall Walls

Fine Homebuilding

Follow

Newsletter

Get home building tips, offers, and expert advice in your inbox

Sign Up See all newsletters

Membership & Magazine

  • Online Archive
  • Start Free Trial
  • Magazine Subscription
  • Magazine Renewal
  • Gift a Subscription
  • Customer Support
  • Manage Preferences

Taunton Network

  • Green Building Advisor
  • Fine Woodworking
  • Fine Gardening
  • Threads
  • About
  • Contact
  • Advertise
  • Privacy Policy
  • Careers
  • Copyright
  • Terms of Use
  • Accessibility
  • California Privacy Rights

© 2021 The Taunton Press, Inc. All rights reserved.

    Main Menu

  • How-To
  • Design
  • Tools & Materials
  • Video
  • Blogs
  • Forum
  • Reader Projects
  • Magazine
  • Members
  • FHB House
  • Podcasts

  • FHB Podcast
  • ProTalk
  • Account

  • Log In
  • Join

    Podcasts

  • FHB Podcast
  • ProTalk
  • Popular Topics

  • Kitchens
  • Business
  • Bedrooms
  • Roofs
  • Architecture and Design
  • Green Building
  • Decks
  • Framing
  • Safety
  • Remodeling
  • Bathrooms
  • Windows
  • Tilework
  • Ceilings
  • HVAC

    Magazine

  • Current Issue
  • Past Issues
  • Magazine Index
  • Subscribe
  • Online Archive
  • Author Guidelines

    All Access

  • Member Home
  • Start Free Trial
  • Gift Membership

    Shop the Store

  • Books
  • DVDs
  • Taunton Workshops

    More

  • FHB Ambassadors
  • Reader Projects
  • Podcast
  • Customer Support

    Account

  • Log In
  • Join

Newsletter

Get home building tips, offers, and expert advice in your inbox

Sign Up See all newsletters

Follow

Join All Access

Become a member and get instant access to thousands of videos, how-tos, tool reviews, and design features.

Start Your Free Trial

Subscribe

FHB Magazine

Start your subscription today and save up to 52%

Subscribe

We hope you’ve enjoyed your free articles. To keep reading, become a member today.

Get complete site access to expert advice, how-to videos, Code Check, and more, plus the print magazine.

Start your FREE trial

Already a member? Log in