The AV-TEST Institute estimates that more than 250,000 new forms of malware attacks are created every day. If your site isn’t secured, one of these hundreds of thousands could end up targeting your WordPress website.
Given how common malware is, it’s important to understand exactly what it is and how to stop it from wreaking havoc on your site.
Today, we’ll define malware, discuss the most common types, and explain how to prevent malware with the help of Jetpack.
Types of malware to look out for
Malware, short for malicious software, is any piece of hostile or intrusive software. Typically, malware is used to steal personal, financial, or business information. There have also been instances of malware being used to control users’ computers for illicit purposes.
To give you a better idea of what malware is — and why it’s so dangerous — here are definitions of the different kinds of malware that you should be aware of:
- Virus: Distributes copies of itself by modifying other computer programs and inserting its own code. Viruses can be used to access and steal information.
- Worm: Replicates itself and spreads to other computers across a network. Worms harm networks by overloading web servers, but can also delete files, steal data, and remotely control computers.
- Trojans: Disguise themselves as normal files or programs to trick users into installing them. They usually give the attacker remote access to a computer so they can steal data, install other malware, and attack other computers.
- Rootkit: Gives the hacker unauthorized access to a certain program or website. Once installed, the attacker can remotely log into the program or website to access or steal information.
- Ransomware: Blocks access to a computer’s data, threatening to publish or delete it until a ransom is paid.
- Adware and Spyware: Adware displays unwanted ads on your computer (outside of the typical legal channels) and redirects you to sites for marketing purposes. Adware often comes bundled with spyware, which keeps track of your internet activities and harvests information about you.
Malware can be harmful to your WordPress site. It affects the functionality and speed of your website and, even worse, puts you on the Google “blacklist,” that alerts users of suspicious sites to discourage them from visiting.
So, how do you prevent this from happening to your site? The best way to stay uninfected is to strengthen your site’s security. That’s where Jetpack can help.
Four Jetpack tools that fight malware
Jetpack’s suite of Security and Backup Services is designed to protect your site from malware attacks, monitor your site for suspicious activity, and help with clean-up in the event that you fall prey to an attack.
Jetpack comes with a range of features that help keep malware away from your site:
1. Two-factor authentication
The first line of defense is to make sure that your site’s passwords cannot be easily guessed. Otherwise, a hacker could use malware to remotely log in. Using a strong password is a typical requirement, but Jetpack helps you take it to the next level with two-factor authentication.
Two-factor authentication protects your login page by enabling a security strategy that requires both a password and a one-time code sent only to you. With two-factor authentication enabled, even if a hacker does crack your password, they won’t be able to enter your site because the secondary form of identification (text message, WordPress.com app, etc.) is in your hands, not theirs.
2. Brute force protection
Two-factor authentication supports Jetpack in protecting against what’s known as brute force attacks. These attacks are trial-and-error attempts to guess a password using automated malware that generates a large number of passwords until the correct one is discovered.
Apart from the obvious security threat of unauthorized access to your site, websites also slow down during a brute force attack. Even with two-factor authentication in place, your site may lag, driving away traffic, if attacked. Fortunately, Jetpack stops brute force attacks before your site can feel the effects, keeping it secure and fast.
3. Automatic plugin updates
One of the biggest security threats that WordPress sites face is outdated plugins. Plugins that aren’t updated often enough may have security vulnerabilities.
The safest thing to do is update plugins immediately after a new version is released, but how can you prevent potentially missing or forgetting to install an update?
Jetpack’s Plugin Updates feature is your answer. Once the feature is enabled, you can choose which of your plugins to update automatically with each new release. This keeps your site secure from attacks that use plugin vulnerabilities — all without any extra work on your part.
4. Daily security scans
With its Premium and Professional plans, Jetpack offers Security Scanning, which scans for viruses, malware, and other threats. With Jetpack’s security scans, you receive:
Automatic, daily scans for suspicious code and activity on your site
On-demand scans when you suspect that something is wrong
Instant email notifications when a threat is detected
Detailed information about the threat and affected files
Automated resolutions for a large number of known threats
Expert, priority support from Jetpack’s Happiness Engineers to help you fix problems
Cleaning up after malware
In the unfortunate case that your site is infected with malware, Jetpack offers tools to restore your site to a clean state.
The first thing you will need is a backup. Jetpack keeps a copy of your site on a secure, offsite server. No matter what happens to your site, all your hard work will be saved. And with Jetpack, you can restore your site with one click from any of your backups.
Although Jetpack offers automated solutions for protection, site backups, and site restores, the internet changes so fast that not every threat or situation can have an automated fix. That’s why Jetpack offers priority WordPress support with all paid plans. Its Happiness Engineers are available to help you secure your site and recover from an attack as quickly as possible.
Let your malware worries be a thing of the past
Preventing malware may sound tricky, but Jetpack’s security features and malware prevention tools streamline the process with a few clicks.
Do you have any other tips on how to prevent malware on a WordPress site? Let us know in the comments below.
Explore the benefits of Jetpack plans
Compare plans in detail to see how Jetpack can help you design, market, and secure your WordPress site.Compare plans