Get Estimate

Category Archives: Security

The Digital Flu: The Importance of Website Maintenance and Best Practices

By | Industry News, Security, Web Development | No Comments

Website hacks are certainly not a new thing, but these days the threat of being hacked is more prevalent each and every day. With the explosive growth of E-Commerce and the importance that companies (correctly) place on their online presence, hackers are ramping up their game, with even big name companies showing up in the news over high-profile hacks. But there’s no need to fear! The hackers aren’t going away, but there are best practices that can (and should!) be followed to keep yourself safe.

Updates Updates Updates!

Listen, we get it. Nobody likes having to update things, but that’s the first thing you should be doing to keep your website secure. Plugins, themes, and anything else that could present a potential for security breaches need to be kept up to date. Above all, the most important thing to maintain is the CMS installation itself. A number of very popular CMS platforms such as WordPress and Drupal are completely open-source, which means it’s code is available for anyone and everyone to get into, for better or for worse. Because of this, developers are in a constant war against those who try to take advantage of this for nefarious purposes. Whenever vulnerabilities are found, patches are usually pushed out very quickly. If you aren’t installing these patches just as quickly, you’re leaving easy targets for hackers to exploit. Keep in mind that depending on how your website is developed, you may run into compatibility issues and other bugs when updating your CMS, plugins, or themes. For this reason, it is always recommended to have someone with development experience on hand to assist if needed.

Strong Passwords = Stronger Security

Now, this one should be obvious, but it’s so important that we had to include it. One of the first thing a hacker will do is try to break in through the front door by capitalizing on weak logins. For this reason it’s important to ensure that all usernames and passwords are strong and hard to guess. Passwords should be completely random with the max character limit allowable. Best practice is to use a combination of uppercase and lowercase letters, as well as numbers and special characters. For usernames it should be a similar story, making your username something harder to guess than “admin” can go a long way.

Safe and Secure, Inside and Out

Hacks don’t always come from faraway sources over the internet. Sometimes the breach can come from inside, making internal security just as critical as external. Now don’t worry, we aren’t implying your employees and coworkers are scheming to take down your site, but ignoring the threat of internal breaches leaves you open to unexpected attacks. Make sure all employee logins are secure, admin access is restricted to only those who need it, and every device that enters your network is scanned for malicious software.

Stay Alert to Stay Safe

Ok, so you’ve secured your logins, and everything on your site and on your network is up to date, so now everything is safe, right? Unfortunately, security just isn’t as simple as that. Unexpected attackers can slip through unseen cracks even on the most secure sites. Catching these incidences early can be the difference between a slight scare and a complete catastrophe. The same way you go to the doctor for checkups, you should be scanning your sites regularly for malware, phishing, and scamming; the most common symptoms of a hack. We recommend monitoring for malicious files and activity on a daily basis.

Keep a Backup (Or a Bunch of Them) Just to Be Safe

But what if the worst case scenario happens? What if someone managed to not only get into your website, but majorly mess it up? Cases like this are why maintaining a site well includes making regular backups of it. Monthly, or even weekly backups of your website and its content prevent hours of development time and irreparable damage to your company’s reputation by allowing you to roll your website back to a previous and untampered version. In some cases, daily backups may be the most appropriate option if you are updating your website very regularly.

The threat of hackers is a real and dangerous one, but that doesn’t mean you or your company should avoid or abstain from the internet to be protected. Maintaining proper security practices and protocols can help immunize your site from this plague that’s sweeping the internet. That’s why at Socialfix Media, we do it for you! We offer comprehensive website maintenance and protection plans to keep you and your customers safe, and prevent your website from catching the virtual flu. Let’s connect and discuss your website’s cyber-security strategy!

How To Protect Your Website From Digital Pirates

By | Business, Digital Trends, Industry News, Security, Web Development | No Comments


When you hear the term “Cyber Pirates” I hope that a dashing image of Johnny Depp as Captain Jack Sparrow coding at a desktop monitor doesn’t come to mind. In fact, cyber pirates are more threatening (and possibly more composed) when it comes to their method of pirating. 

More now than ever before, Cyber Pirates are using RansomWare to hold companies’ most important assets hostage, while releasing confidential information to the public. These attacks are happening all over the globe and amongst companies of all sizes. You might have read about the HBO hack that happened just a few weeks ago where hackers who used the same software accessed and leaked confidential information about upcoming television shows.  

So what exactly is RansomWare, and how can you detect and prevent the attacks from happening to your company? 

RansomWare is a malicious software that holds business websites hostage or threatens to release sensitive data to the public for a handsome fee. Cyber pirates will utilize a variety of avenues including emails, network traffic, user behavior and application traffic to insert RansomWare. These types of attacks are typically carried out using a “Trojan”  that is disguised as a legitimate file. For example, the Trojan might be an innocent looking email from your boss instructing you to check out pertinent information. Unknowingly you click the link, because you trust the source. But once you click the link, it activates the download of the malware and the hacker can encrypt your files until you supply the bounty.


According to a recent article published by, “ a Ransomware variant will infect between 30,000 to 35,000 devices a month, with some variants reaching up to 150,000 infections.” However, most of these attacks can be prevented. Follow our guidelines below to keep your website safe so you don’t become one of the statistics.

Although we always recommend first that you prevent threats before they happen, sometimes this isn’t always feasible. We also offer website maintenance and support to repair websites after they have been hacked.  Take a look at our Top 9 must do’s to keep your website running optimally while guarding it against any potential threats. 

  1. Run daily, weekly or monthly backups of all of your files. If a cyber attack occurs you want to ensure that you can recover the website from the most recent version.
  2. Host your website on a secure server. Our dedicated servers provide our clients with a variety of weapons to fight cyber security attacks. These include Firewall Protection, Anti-Spam and Anti-Virus Protection, HTTP Intrusion Protection, Daily security audits and more that all monitor threats and prevent them from attacking the website.
  3. Always make sure that you have an SSL certificate for your website., to initiate a secure session with browsers. Websites with SSL certificates have the “Secure” stamp of approval in the URL, also known as HTTP. 
  4. No website is self-sustainable, make sure to update your plugins. New plugins are constantly being rolled out to patch old bugs and potential vulnerabilities. So keeping your website backend up to date is instrumental in guarding it against possible threats.
  5. Use Strong Passwords and 2-Factor Authentication: Making sure that your website password is complex and updated bi-monthly and you have dual authentication for website access is crucial.
  6. Make sure to blacklist all bad or suspicious IP’s.
  7. Make sure to whitelist all trustworthy IP’s.
  8. Daily Attack Monitoring.- Sign up with a hosting and support company that offers Daily Attack Monitoring so that you know the exact moment when an attack is occurring. Responding quickly to an attack can be a deal breaker.
  9. Most importantly, be aware of suspicious emails, websites, and apps. In order for RansomeWare to work some has to unknowingly download malware onto their device.


For more information on how to keep your website safe and secure from those digital pirates, contact us through our live chat option or click here to fill out our contact form and we can create the right Maintenance and Security package for you. 

Social Media Amplifies Sochi Conditions

By | Digital Trends, Entertainment, Security | No Comments


Images and posts about the city of Sochi have caused concern for the Olympics

The Winter Olympics have only just begun and thanks to social media nearly every detail about it is available to the public. During the Olympics of past years spectators have only been exposed to whatever information was broadcast on television. They saw ceremonies and coverage of the sporting events, but little else. Now in the days of social media there is a much larger amount of information available. The conditions of the host city of Sochi have become a huge topic for this years games. According to Luke Villapaz of The International Business Times “many were greeted with unfinished hotel rooms, undrinkable tap water and even stray dogs waiting for them in the rooms. Unfortunately that was only the half of it. A look at the surrounding cityscape shows multiple pieces of infrastructure and buildings still under construction, including hotels, shopping centers and roads.”

Normally people outside of the city would never know about this since it probably would not have been broadcasted.  Now with social media it is extremely easy for an athlete or reporter to upload a photo or angry message and have it be seen by thousands. With so many people having easy access to the internet through their computers or phones it would be nearly impossible to prevent this kind of information from leaking out.  All of this information is instantly available and accessible to a huge audience.  It is also very easy to exaggerate things over the internet. One negative message from a popular athlete could create a storm of anger from their fans. A journalist who has one unpleasant experience could put a negative spin on everything he reports. “…if journalists aren’t well fed and well housed, if you lose their luggage or don’t give them places to file, they get cranky — and that affects the coverage.” (Kurtz).  Regardless of how much a source may decide to stretch the truth or what their original intentions were, thousands of people will see what they write and each one will make their own assumptions from it. The conditions in Sochi may not be as bad as some people say, but a bad image has already been put out in the public’s minds and that is what will stay with them.

5 Tips to Protect Your Passwords

By | Security | No Comments

Password security has never been more important than it is in the wake of the massive breaches at Target and Neiman Marcus. While those incidents may not have involved passwords, they serve as reminders that we must be more cautious. Take this opportunity to review the password security of your business website, email accounts and social media accounts.

As often as people are warned to change their passwords, to not use the same passwords for multiple accounts and services, and to use long, complicated passwords; too many are still taking chances.

It is one thing to risk your personal reputation when someone spams your friends on Facebook using your personal account, but what if they use your business Facebook page? Will your business followers be as quick to forgive as your friends and family?

It isn’t just that someone might say something on your Facebook page that is offensive, or tweet half naked pictures of themselves on your Twitter feed. People will get over being offended when they realize what happened. What they won’t get over so quickly is the loss of trust. How can they trust a business that is not able to manage their own password security? That feeling will linger and your brand will suffer for it.

The following are some tips for setting a secure password:

Don’t use the same password for multiple accounts. This should be an obvious tip and as often as we see it suggested, there are still people who use the same password for their email, website, bank account access and social media accounts.

Don’t use obvious easy passwords like 123456, asdfasdf or the word ‘password.’ You also should not use publicly available information like your phone number, birthday, childrens’ names or your street address. Google suggests you come up with a phrase about each account and use the first letters of each word, adding numbers and symbols where appropriate. Your email phrase might be, “I love to get email from Cassie and Tim.” Your password from that might be, “Il2gefC&T”. This password has upper and lower case letters, a number and a symbol. To increase the security make the phrase a little longer and add more numbers and symbols.
If you must write your passwords down, keep them hidden. Don’t carry passwords around in your wallet or keep them on a note taped to your computer screen.
Set password recovery options with each account. If you forget your password some sites will simply email you a link that allows you to login. Others will require that you answer preset security questions. You can add an extra layer of security by spelling the answer to your security question in a special way. For example, if the answer to your question is the city name Cincinnati, you might spell it [email protected] The key here is to remember your special spelling so you don’t lose access to your own account.

Some sites request a cell phone number and permission to text a verification code to you. This method is commonly called two-step verification. If your account is accessed by an unrecognized computer or device, you will receive a text with a verification code. If you are the person trying to access your accounts, then all you have to do is enter the verification code after receiving it by text. If someone else has attempted to access your accounts and they do not have the verification code, they will be locked out.

Security issues will continue to be a problem – from simple pranksters trying to make a mess of your social media accounts to hackers going after your financial information, or worse – your customers’ financial information. Take steps now to save your brand, your reputation, and your finances by protecting passwords.