3 Common Website Vulnerabilities Digital Marketers Should Know

hacker-1944688_960_720Cyberattacks can strike no matter how big or small your website might be. In fact, they strike more frequently than you might think, with one study showing that most websites face around 58 attacks every day, even when patched.

The kind of damage resulting from these attacks can vary, from things like financial loss, compromised databases, and stolen information to getting flagged by Google and greeting site visitors with the infamous Google warning page. As Jeffrey Vocell notes, “Up to 85% of people will not continue browsing if a site is not secure.”

Unfortunately, not every digital marketer is equipped with the knowledge and skills to fully deal with cyberattacks head-on. Still, there are a few basic problems anyone can address with minimal effort.

1. WordPress Shortcomings

A multitude of websites rely on WordPress as their content management system (CMS) of choice, yet many have no idea of the possible exploits that can give attackers access to their sites. As a staple CMS, WordPress is naturally a prime target for cyberattacks, many of which take advantage of the system’s poor standard login security.

For starters, using standard usernames or even failing to change your administrator username to anything other than “admin” puts your WordPress site at risk. The simple step of using a unique username can make it exponentially more difficult for attackers to hack your site.

Another thing you may want to tweak is your site’s login URL, as attackers know that many websmasters don’t bother to change the basic URL tag of “wp-login.php”.

After these manual adjustments, you may want to consider using a security plugin to catch other threats you may miss. There over 900 WordPress security plugins out there, but the names that usually come up include Sucuri Security, Wordfence Security, and Bulletproof Security.

2. Shared Hosting

Many webmasters of small business websites opt for shared hosting servers to save money on hosting. This, however, can put your site at the mercy of the weakest link in the collective, as attacks on one site become the vulnerability and perhaps even liability of the hundreds, sometimes thousands, of other sites it shares a host with.

This way of attack is particularly simple due to the availability of an array of tools online that make it easy to check whether a website is hosted on a shared server. Dedicated hosting, as opposed to shared hosting, is recommended for optimal security. It’ll be more expensive, but if you value your data and that of your customers’, it’s well worth the investment.

3. Google Searches

Google provides information on almost everything known to man. Unfortunately, that may also include sensitive details about your website. A simple search may reveal many things that would make your site vulnerable to attacks, including configuration files, log files, and even SQL error messages.

A search with the “site:” search prefix on the engine also allows attackers to scan a URL for things like “admin” or “login” or anything else vital but conveniently labeled.

If attackers can find this kind of information on Google, you can too. Fortunately, plugins like Yoast can help you hide these and other pages you don’t want people to access through Google Search (e.g. gated content like PDFs, audio files, client intake forms).

It’s worth noting that these are only a few basic attacks compared to numerous other attacks of greater complexity and potential for damage. Keeping your website safe is a continuous process of learning, updating, and cultivating a culture of caution among those with access to your site. For further assistance on protecting your site against cyberattacks, contact us today.


Your website may rank highly for your target keywords, but no amount of SEO will do you any good if your website is exposed to cybersecurity attacks. Reports indicate that the average website experiences up to 58 attacks each day; all it takes is one successful attack to wreak untold damage to your site and undo all the long-term organic performance you’ve managed to achieve.

Whether you’re running a website for your small business or doing so for a client, the issue of cybersecurity may have landed on your desk at some point. The problem is that many digital marketers tend to underestimate the potential impact of a cyberattack, thinking that hosting it on a reliable content management system (CMS) like WordPress should be enough to protect it. But this couldn’t further from the truth—any CMS can be exploited.

Fortunately, there are a number of basic things anyone can do to secure their website against potential threats. This article covers three steps designed to plug security gaps attackers tend to exploit first. Follow these steps to secure your site and build trust among your visitors.

To find out more about securing your website, read the full article here.

Want to know if your marketing efforts are actually working? If so, download our FREE Marketing Audit!

Just enter your name and email address below.