The easiest way to reduce the chance your MODX site will be hacked is to keep your site software up-to-date.
Why is this needed? As with any software, security vulnerabilities get discovered with MODX. The MODX security team fixes the vulnerabilities and releases new versions of MODX for FREE. By upgrading your site to the latest version whenever a security update is reported, you help seal the holes that allow hackers and viruses to get in.
Keep backups in either case: Whether you choose to install security updates or not, always back up your website regularly! Backups allow you to revert to the last non-hacked version of your site easily. As history shows us, no-one can be sure their server is absolutely hack-proof.
You can sign up for email notifications or use the RSS feed. Make sure you know (or ask me) whether you have MODX Evolution or Revolution, because you can safely ignore security updates that do not apply to your version.
If you cannot afford to pay someone to upgrade your site, you can upgrade your MODX site yourself.
Depending on your version of MODX and hosting server, I have already taught you how to back up your site. Ask me if you have questions or if you would like me to set up an automatic, off-server backup service for you.
I recommend you download a backup of your website and database whenever you make any major changes to the website.
Having several backups over time allows you to recover the last non-hacked version of your site if your site becomes broken or compromised. Otherwise, you will only be able to recover an older version of the website.
If your website stores new data regularly (such as purchases, form submissions, statistics, etc...), I strongly recommend you set up automatic, off-site, versioning backups to avoid data loss in the event a hacker or virus wipes out your data. Ask me about options for setting this up.
Posted on Sep 11, 2015 by Default Admin User