Jeff Lantz

Love and Website Security – WordFence and RSJoomla!

It’s February, love is in the air, and I’m a sucker for …. website security.

We all know that we need to use secure passwords for website administration login. Additionally, minimizing plugins (for WordPress) and extensions (for Joomla) should also be done, as each plugin or extension can serve as a pathway to core file manipulation. As a result, plugin and extension addition should be done very carefully.

There are, however, two great security applications that I would strongly suggest implementing – Wordfence (www.wordfence.com) if your site is on WordPress, and RSFirewall from RSJoomla! ( https://www.rsjoomla.com/joomla-extensions/joomla-security.html) if your site is on Joomla.

Why I Love WordFence and RS Firewall

Key features of Wordfence and RSFirewal! include:

Country blocking (done by IP address – my favorite) – Unless your firm has specifically-targeted traffic outside the US, consider blocking all non-US traffic (Hint: – those visits from Russia shown in your Google Analytics account probably aren’t from prospective clients).

  • With country blocking enabled, those trying to access your website (or your CMS) from blocked countries will essentially see a blank page informing them that the desired page cannot be accessed.  While IP blocking is not perfect, it can make it significantly harder for those outside the US to break into your site.
  • Malware detection – both of these applications have different protocols for scanning and detecting known malware.
  • Core file change detection – if the core files of your website have been changed, you’ll want to know about such change immediately.  RSFirewall!, for instance, sends e-mail notifications to website owners immediately when core files and other significant changes are made.
  • IP blocking in response to brute force attacks and attacks designed to shut down a website by overwhelming a server – these applications recognize “brute force” attempts to run scripts to hack into a website (brute force attacks consist of trying different usernames and passwords until the right ones are identified).
  • Additional firewall protection – both applications contain additional features and options to better “lock down” your site to prevent core file manipulation.  For instance, in addition to a username and password, access to a website’s CMS can also be restricted so that only whitelisted IP addresses can gain CMS access.

Cost

This Valentine’s Day show your website how much you care by helping to protect it and keep it more secure. The current, undiscounted cost of Wordfence is $39/year, and the current, undiscounted cost of RSJoomla! is $56/year. These costs are minimal in comparison to potential disruption and development costs resulting when a site is hacked (while there can be no guaranty that a site will not be hacked, each of these applications will make it harder to do so).

Both sites offer discounts for multiple sites, and discounts are also usually available for multiple year purchases. Before ordering, do a search for coupon codes, as you may be able to purchase an application for even less than the listed price.

We do not have any affiliation or financial connection to Wordfence or RSJoomla; our recommendations are based solely on using these applications for our sites and those of our clients.

Jeffrey Lantz, Esq. is an attorney in Arizona and CEO of Esquire Interactive, a company that helps law firms develop new business through branding, websites and strategic business development. To learn more about Jeffrey, visit: http://www.esquireinteractive.com