Last week, it happened.
It. The one thing that can keep you from focusing on your most important obligations and force you to stay up later than you want to do more work than you ever anticipated.
I’m talking about malware – in particular, a snippet of nasty code that weaseled its way into this very Website. It also showed up in my other sites, which are all in the same public folder with the same Web host.
Getting rid of this garbage literally took two whole days out of my regular schedule. Needless to say, it completely destroyed my efforts to blog more frequently as cleaning up my sites became Priority One.
And it cost me money. Not a lot if you just count how much I paid to have the sites cleaned. But when you consider all the hours that I could have been running my business instead of dealing with a peripheral disaster, it becomes clear just how expensive a site hack can be.
Here’s what I learned:
Lesson One: Prevent malware before it happens.
Unless your host already monitors for malware and cleans it up for you (few do), you should stop what you’re doing right now and…
- Secure your cPanel directories. Not sure what this means? Call your Web host right now and get them to explain. It’s usually just a matter of locating the “Security” module in cPanel and clicking on “Password Protect Directories.” Then you just assign a user (you) and password so that nobody else can get at your directories.
- Update your CMS. Always do this when there’s an update available. I use WordPress. It shows me a little alert whenever an update is available. If you use WordPress, don’t ignore these alerts.
- Back up your database. Your host probably does this already. Call them to make sure.
- Scan your site for malware. Google “scan site for malware” and find one of the many vendors that offers a free scan online.
If you don’t do these things on a regular basis, it’s only a matter of time before you’re hacked. Trust me.
And getting hacked is a huge pain! Your clients will send you emails saying your site sets off their malware detectors. They’re scared to read your blog lest they get infected with something. You’ll proceed to call your Web host 12+ times (that’s more or less my count) just to get everything sorted out.
Just think how many productive things you could have done if you hadn’t had to deal with this malware nonsense! If you end up like me and, in spite of your best efforts, you somehow end up with malware anyway, heed Lesson Two. Ahem…
Lesson Two: It pays to protect yourself.
Imagine for a minute that you don’t have a Website, but you have a storefront. From time to time, you have to pay somebody to trim the hedges, wash the windows, and pressure-wash the sidewalk.
Basic upkeep ensures that the public doesn’t find your business undesirable. It makes a good impression and keeps people coming to your door.
A small business Website is like that storefront but without the shrubbery. Instead of overgrown hedges, you get no-good, bloated, God-only-knows-what-it’s-doing code on your site from time to time, and you have to pay a little something to clean it up.
Really, unless you’re a developer, you have no business trying to clean up this stuff yourself. Just hire some folks who know what they’re doing. I hired these guys.
And if you’re already paying extra for managed hosting, you should be getting primo protection from malware anyway. If you’re a managed hosting customer and you still get infected, it probably goes without saying that you need to find another better managed Web host.
Because when you run a small business, it’s important that everything “works.” Otherwise, guess who has to fix it?
You. And if you’ve got leads, customers, and vendors to deal with, fixing things can get expensive – quickly.
So cough up the extra dough and hire a professional to clean up your site. It might seem costly, but the time and effort you spend trying to do it yourself will cost a whole lot more.