Call for a Free Website Security Review (619) 479-6637     Hack Repair Testimonials Read more five star service reviews?

Website Malware andHack Repair Services

"Repairing Hacked WordPress Websites since 2012"

SSL

HackRepair.com Website Security Tips and Hack Repair Notes

| | Leave a Comment

A Comprehensive Guide to Wi-Fi, Web Hosting, and WordPress Security

Hackers Lurking on Wi-Fi Networks

Wi-Fi Security: Your First Line of Defense

Public Wi-Fi networks, like those found in most coffee shops and cafes, can be a security risk. Before logging into your website, ensure it’s secured with an SSL certificate.

You can tell your site uses SSL if its URL has a 🔒 lock symbol to the left of the web address in your browser’s address bar. This lock indicates that your connection is encrypted.

If your website doesn’t show this lock icon, contact your web host to set up SSL for your domain. Without it, your login credentials will be sent “in the clear,” meaning anyone monitoring the unsecured Wi-Fi network could easily intercept your username and password.

Using a secure SSL connection is particularly important when traveling. Hackers are known to routinely monitor unprotected networks in hotels and restaurants, looking for unsuspecting tourists connecting to their bank accounts or website dashboards.

 

Choosing a Secure Web Host: Questions to Ask

Looking for a security-conscious web hosting company? Before you purchase their services, ask them these key questions to gauge their commitment to security.


Hi [Web Host Name],

Can you please provide answers to the following questions about your hosting services?

Does the [enter your service plan] service plan include the following options:

  • Secure POP/IMAP available?
  • SSH available?
  • SFTP available?
  • Is an SSL certificate available, and what is the cost?
  • Do you scan my site daily for malware and notify me on the same day if malware is found?
  • If there is malware on my website, can you assist with its removal, and what is the cost?
  • Can you help me ensure my web hosting account is PCI compliant?
  • Are daily and weekly backups automated and easy to access? Is there a charge for backup recovery?

Slightly off-topic questions:

  • If I have any questions about WordPress or encounter issues with plugins, will you assist me?
  • For emergencies or support questions, is there someone I can speak to by phone or real-time chat?

Thank you,
[Your Name]

Honorable Mentions: Security Resources

Has your email account been compromised?

Have I been pwned? Go here to check if your email address has been compromised in a data breach.

And my article, “Email Blacklist Removal Website Addresses.”

Check your WordPress installation for vulnerabilities:

 

Recommended WordPress Security Articles

 

Why I Wrote This Article

Website security awareness is a big part of what we do here. If you find your website has been compromised and have questions, please feel free to call or chat with us. We’ll take care of you like family.

We Fix Hacked Websites Trademark
We Fix Hacked Websites™
Enjoy! Listen in to learn more about what I do:

Listen to Jim’s Hack Repair voice introduction.

Google 62 is out but the “Not Secure” warning is missing?

| | Leave a Comment

For months I’ve been warning about the upcoming “Not Secure” warning coming to Google’s web browser in October. Well, it’s October 2017, Google Chrome version 62 has been released but the heavily forewarned “Not Secure” warning appears to have gone AWOL.

 

In theory, when you visit a non-https web page that includes a form of any sort, a “Not Secure” warning should appear like the below example:

Yet another not-secure SSL warning example

 

While this is good news for folks who are still dragging their feet on the subject of “should I or shouldn’t I set up SSL on my website?“, the writing is on the wall…

If your browser has not yet got the memo about non-SSL pages, you may enable or disable the upcoming “Not Secure” warning by typing some text into your web browsers location bar.

I found a summary on how to do this from the article, “Avoiding the Not Secure Warning in Chrome“.  To force “enable” the non-secure warning today, copy this text into your Chrome browser’s location bar:*

chrome://flags/#mark-non-secure-as

*Apparently, for most people today the “Default” setting is to not display the not secure message.

 

A funny grayish page will appear. Follow the steps in red below, choosing the “Warn on HTTP while in Incognito mode or after editing forms“:

How to enable the non-HTTPS warning

By the way:
You can test this by going to Google’s non-SSL demonstration page at https://http-password.badssl.com/

Eventually, Google will mark all non-SSL pages as not secure — Praemonitus, praemunitus!

(“Forewarned is forearmed”)

We fix hacked websites

Below is a video demonstration showing the Google web browser changing the location bar  to the words “Not Secure”. Click the image below:

 

Chrome Version 62 out in October 2017 Will Change How You Perceive The (online) Universe

| | 1 Comment

Treatment of HTTP pages with user-entered data in Chrome 62

 

Whether you use the Google Chrome browser in regular or Incognito mode, your view of the Internet may change October 2017.

Google has been promoting their vision of an SSL-free future for years.

According to Google, in the article, “Next Steps Toward More Connection Security“, the browser location bar on non-SSL pages, which include a form for text entry of data, like contact or email subscription forms, will appear like the animated image above (switching to a “Not Secure” alert).

Hopefully, this will push more folks to upgrade their websites to allow for a secure browser connection and greater online safety for all.