FYC Podcast Episode 010: Free Church Website Security Scan
Podcast Resource Links
> FindingYourChurch.com/FreeScan - FREE Church Online Visibility Scan
> Free Website Security Scan
> FindingYourChurch.com/Toolbox
Podcast Episode Text Version
It is a horrible feeling to go to Google and type in your Church website address and see absolutely nothing, or worse to see it has been replaced by hackers with something that does not promote the message of your Church.
The problem is that a full blown hack is not the only thing you should be concerned about when it comes to your Church Website Security. Your site may already be hacked and you not even know it. You may have no idea.
That is why a free Church website security scan can be very useful.
Why would Hackers want to take control of your Church Website?
You would not think that a hacker would any desire to gain access to your Church website. Even if you have a large Church, why would they want to hack into it?
But, you would be wrong. They do want access.
My Church website hosting company explained that some hacking strategies involve gaining backend control of hundreds or thousands of websites so they can attack a larger targets without getting found out.
When they launch their larger attacks, they can send them through these sites instead of their own. They can even create systems to bounce between sites so they can cover their tracks as far as I understand.
Your Church website IS at risk no matter how small your Church is.
Examples of Church Websites getting Hacked
Number One: I created a WordPress based website for a small Church. The Pastors did not check the site often because it was pretty much information only, so they did not view it themselves that much.
I randomly checked it, and the entire site had been replaced with an image of a Turkish flag and a song that automatically played when you accessed the site. It said it had been taken over by Turkish militants.
I have no idea if the site had really been taken over by Turkish militants, but I can assure you this was not the message they were attempting to convey to their Church website visitors.
Number Two: In a similar situation, I created a site several years ago for a Church. I randomly visited the site and there was a small text ad in the top left corner for Viagra. Now I am all for Church growth, but again that was not the message they wanted people to see.
Number Three: At my last Church Staff position part of my responsibility was the website. I installed a WordPress plugin that would alert me if someone or something tried to login to my WordPress site too many times.
When that happens, it is usually a program trying to crack your password and break into your website.
I began receiving these email alerts every few minutes stating that something was trying to break into my Church WordPress site. I received these emails for a couple of days when I contacted my website hosting support to see if there was anything they could do.
They said I just had to ride it out, and to change the password. I changed the password to a random string of 20 characters, and after 3 or 4 days the email notifications tapered off.
I survived that time without getting hacked.
In all 3 cases I was able to fix the issues, but it can be very challenging.
How can you protect your Church Website from getting hacked?
Your FIRST STEP is to see if your website has been infected with malicious code already.
If so, you need to ACT NOW to correct the problem.
Even though the hackers may try to keep it a secret that they have hacked into your website, they still do have control. At any moment they could try to hide their tracks or do something extremely damaging to your site. This damage could be irreversible if you do not have a backup...