Amanda Naor’s camera lens has a distinct purpose: “to authentically tell a story through images.” A hobby photographer turned professional, Amanda is known for her documentary-style photos of children, families, and “the beauty of the everyday.” She established her small business, Amanda Naor Photography, to pursue a career that would allow her the flexibility to start a family of her own.
Sharing her images with clients and acquiring new customers is essential to building a successful business, so Amanda created a custom website, amandanaorphotography.com with WordPress. Using a plugin specifically designed for photographers, she added galleries to showcase her beautiful photos and even installed a template to help give her website a professional, polished look. After prospective customers view her work, they can easily schedule a session through a contact form on her site. While all these features helped define her brand and made for a great user experience, Amanda’s website was missing one very important component: website security.
Amanda’s website ran smoothly for three years, until one day, cybercriminals attacked not once, but twice, and only a week apart. During the first attack, Amanda was locked out of her website, unable to gain access to her WordPress and hosting accounts. “I was worried because I didn’t know what happened, and I didn’t have a backup of any of my files,” she says. Amanda contacted her host to regain access and changed her passwords, but that wasn’t enough to protect her website from future attacks. Little did she know, her site was infected with a backdoor file, a type of malware. Backdoor files allow cybercriminals to secretly gain access to a website without the knowledge of the website owner. Once infected, cybercriminals can use the backdoor to re-enter the website as they please. Because the backdoor file on Amanda’s site had not been removed, her website was breached again a week later. As a result of the second attack, her website appeared distorted, and her photos failed to load. “To see my site so deformed was heartbreaking,” says Amanda. “I was worried I lost all my work. It was terrifying! I felt violated.” Alarmed, Amanda immediately informed her customers via social media that her site was down, and called SiteLock.
Solution and Results
Amanda was connected to a friendly SiteLock Website Security Consultant who took the time to explain what was happening with her site and what needed to be done to resolve it. It was then that she learned that her site had been attacked by a backdoor file. After evaluating Amanda’s needs, the Website Security Consultant recommended SiteLock® INFINITY™, a website scanner that automatically looks for and eliminates malware. By the time INFINITY™ completed its scan of amandanaorphotography.com, it had detected and automatically removed five malware files. The SiteLock Expert services team, an exclusive perk of the INFINITY™ package, also manually cleaned five more malware files that were too sophisticated to be removed automatically. Any amount of website downtime could have caused a devastating loss of revenue and customer trust for Amanda’s business, but fortunately, she called SiteLock right away. The result? Amanda’s website was back to normal within a few hours, with little to no impact on her customers.
Though her website was successfully restored, Amanda needed to protect her website from attacks in the future. In addition to scanning and malware removal, SiteLock® INFINITY™ also includes automatic CMS patching, which keeps Amanda’s WordPress website up-to-date with the latest security updates. Amanda also implemented SiteLock® TrueShield™ WAF (web application firewall) to protect her website from future malware attacks. On a daily basis, TrueShield blocks approximately 600 bad bots from accessing Amanda’s site, as well as backdoor files like the one that allowed cybercriminals to infiltrate her website. Amanda also has full visibility to the health of her website thanks to her weekly SiteLock TrueReview emails, which provide a summary of her WAF statistics. “I receive weekly reports that show me how much bandwidth I am saving and how many bad bots are being blocked,” she says. “I know my website is protected when I can clearly see the numbers and results.” While TrueShield™ guards against outside threats, INFINITY™ protects Amanda’s website from the inside by continuously scanning over 7,000 files and nearly 1,000 pages for malware every day. INFINITY™ removes known malware automatically, so threats are eliminated before they have a chance to cause damage. Now Amanda is more aware of her website’s security, and better equipped to deal with cyberthreats. “It feels good to know what’s going on with my website,” Amanda says. “I also love the fact that I have access to support 24/7. It is worth its weight in gold. When you are a small business it is so helpful to be able to reach out to in times of need. SiteLock support is always on it!”
It was a difficult wake-up call, but Amanda now understands how critical website security is to the success of her business. “I never thought this could happen to me,” she says. “Ignorance is bliss up until the point where you see all of your hard work in the hands of someone else.” Fortunately, proactive website security measures will keep Amanda’s hard work protected from now on. “If you have a website, you need to have website security because anyone is susceptible!” Amanda says.
To keep cyberattacks from threatening your business, call SiteLock any time at 855.378.6200. We’re available 24/7/365 to help.