Today’s Website Security Reality
Website security isn’t just about prevention — it’s about preparation.
B – Backup
Backups are your safety net. If your site gets wiped or compromised, this is how you bounce back.
- Store backups offsite — cloud-based is ideal.
- Keep full backups every two weeks for at least a month.
- Database backups? Daily for at least five days.
U – Update
Over 80% of WordPress hacks happen because of outdated plugins and themes. Updates are your easiest win.
- Log in monthly to check for updates.
- Apply all security patches right away.
- Set a schedule or use a managed service if needed.
M – Maintenance
Outdated staging sites and unused PHP scripts are hacker magnets. Especially in shared hosting environments.
- Delete old directories like /demo, /test, or /old.
- Clear out inactive WordPress plugins and themes.
- Treat your plugin list like your bedroom: keep it clean to avoid “bed bugs.”
M – Monitoring
Without monitoring, hacks can go unnoticed for weeks. By then, the damage is done.
- Use plugins to track file changes, login attempts, and dashboard activity.
- Here’s a shortlist of helpful tools.
- Also use external services like ChangeDetection.com or Google Alerts to watch for content changes.
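The Maintenance and Monitoring steps above can also be checked from a script. The following is an added example, not code from the original article: it hashes every file under a web root, compares the result against an earlier baseline, and lists leftover directories named demo, test or old. The sample site and its file names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

STALE_NAMES = {"demo", "test", "old"}  # directory names from the Maintenance list

def snapshot(root):
    """Map each file under root (relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def diff(baseline, current):
    """Compare two snapshots: what was added, removed or modified."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }

def stale_dirs(root):
    """Directories anywhere under root whose name is demo, test or old."""
    root = Path(root)
    return sorted(
        p.relative_to(root).as_posix()
        for p in root.rglob("*") if p.is_dir() and p.name.lower() in STALE_NAMES
    )

def demo():
    """Constructed sample site: take a baseline, change files, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-content/plugins").mkdir(parents=True)
        (root / "old").mkdir()
        (root / "index.php").write_text("<?php // home page\n")
        (root / "wp-content/plugins/gallery.php").write_text("<?php // v1\n")
        (root / "old/info.php").write_text("<?php // forgotten script\n")
        baseline = snapshot(root)
        # Simulated unexpected changes between two monitoring runs.
        (root / "index.php").write_text("<?php // home page, altered\n")
        (root / "wp-content/uploads.php").write_text("<?php // new file\n")
        (root / "wp-content/plugins/gallery.php").unlink()
        return diff(baseline, snapshot(root)), stale_dirs(root)

if __name__ == "__main__":
    changes, stale = demo()
    print("changes:", changes)
    print("stale directories:", stale)
```

On a real site, keep the baseline snapshot outside the web root so that whoever can change the site's files cannot also rewrite the baseline.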
S – Segregation
Still hosting multiple websites under one cPanel account? That’s a recipe for disaster.
- One site gets hacked — they all go down.
- Separate each domain into its own account with its own FTP access.
- Segregation is the new security baseline, not a luxury.
- Here’s why shared hosting can hurt.
Your BUMMS Checklist
Backups – Offsite and automatic
Updates – Plugins, themes, core
Maintenance – Tidy up old scripts and tools
Monitoring – Internal and external alerts
Segregation – Isolate apps, isolate risk
Your BUMMS are your best protection.
Website Security Planning for Today.
5 Comments
I have found in my own experiences that it is critical to maintain a regular update policy to keep a website secure against PHP exploits. Because WordPress provides notification when updates are needed, there is really no excuse. Thank you for sharing recommendations to maintain a secure site.
Great read. Encouraging. Now, like the insurance ad, we know a thing or two because we’ve seen a thing or two. Now you’ve got me wondering … “Segregation of web applications and associated FTP account access have become the new standard in website security planning.”
How do we segregate?
Thanks again.
Moving each site to its own cPanel account is the optimal method of segregation. Though this does cost more respectively.
That said, I do recommend folks not install more than a few WordPress installations within a single account. More than three and the chance of each site being compromised increases exponentially.
Nice read, I just passed this onto a colleague who was doing a little research on that.
And he actually bought me lunch because I found it for him :) Therefore let me rephrase that: Thank you for lunch!
LOL … came close … I came up with BUMP …
Backup, Update, Monitor, Protect (Privilege & Permissions) …