FYC Podcast Episode 010: Free Church Website Security Scan
Podcast Resource Links
Podcast Episode Text Version
It is a horrible feeling to go to Google and type in your Church website address and see absolutely nothing, or worse to see it has been replaced by hackers with something that does not promote the message of your Church.
The problem is that a full blown hack is not the only thing you should be concerned about when it comes to your Church Website Security. Your site may already be hacked and you not even know it. You may have no idea.
That is why a free Church website security scan can be very useful.
Why would Hackers want to take control of your Church Website?
You would not think that a hacker would any desire to gain access to your Church website. Even if you have a large Church, why would they want to hack into it?
But, you would be wrong. They do want access.
My Church website hosting company explained that some hacking strategies involve gaining backend control of hundreds or thousands of websites so they can attack larger targets without getting found out.
When they launch their larger attacks, they can send them through these sites instead of their own. They can even create systems to bounce between sites so they can cover their tracks as far as I understand.
Your Church website IS at risk no matter how small your Church is.
Examples of Church Websites getting Hacked
I created a WordPress based website for a small Church. The Pastors did not check the site often because it was pretty much information only, so they did not view it themselves that much.
I randomly checked it, and the entire site had been replaced with an image of a Turkish flag and a song that automatically played when you accessed the site. It said it had been taken over by Turkish militants.
I have no idea if the site had really been taken over by Turkish militants, but I can assure you this was not the message they were attempting to convey to their Church website visitors.
In a similar situation, I created a site several years ago for a Church. I randomly visited the site and there was a small text ad in the top left corner for Viagra. Now I am all for Church growth, but again that was not the message they wanted people to see.
At my last Church Staff position part of my responsibility was the website. I installed a WordPress plugin that would alert me if someone or something tried to login to my WordPress site too many times.
When that happens, it is usually a program trying to crack your password and break into your website.
I began receiving these email alerts every few minutes stating that something was trying to break into my Church WordPress site. I received these emails for a couple of days when I contacted my website hosting support to see if there was anything they could do.
They said I just had to ride it out, and to change the password. I changed the password to a random string of 20 characters, and after 3 or 4 days the email notifications tapered off.
I survived that time without getting hacked.
In all 3 cases I was able to fix the issues, but it can be very challenging.
How can you protect your Church Website from getting hacked?
Your FIRST STEP is to see if your website has been infected with malicious code already.
If so, you need to ACT NOW to correct the problem.
Even though the hackers may try to keep it a secret that they have hacked into your website, they still do have control. At any moment they could try to hide their tracks or do something extremely damaging to your site. This damage could be irreversible if you do not have a backup.
So the first step is to get a Free Church Website Security Scan that shows how secure your site is right now.
Sucuri Site Check is a great place to start. They allow you to easily enter your website address, and very quickly see the results of your free Church website security scan.
You can access that that link below.
LINK >> Sucuri Free Website Security Scan [my affiliate link]
What if your website has already been hacked?
You WILL need to act on this as soon as possible if there has already been a breach in your site security. Thankfully you have at least a couple of options in addition to what they offer on the Sucuri Scanning Site.
#1 – If you have a WORDPRESS Church Website, you can use WPCurve.
This is service keeps all of your WordPress Themes, Plugins and even your WordPress software up to date so you do not have to maintain the back end of your website. It also creates and maintains backups of your website for you in case something goes wrong.
They also offer a service where they will complete small website jobs for you. If you have been wanting to make small tweaks to your Church WordPress website that you have not been able to figure out how to do, they will do it for you.
Here is the link to WPCurve.
#2 – If your Church website is created with anything else except Church Website Builders [these should provide security for you], use Sucuri.
Sucuri does NOT do extra small jobs like WPCurve, but they DO guarantee to keep your site safe from hackers as much as possible. And, if your website does get hacked, they can fix it for you.
Check it out at the link below.
LINK >> Sucuri Website Security
Please note that previously we recommended Sitelock, but NOW we recommend Sucuri Website Security.