There’s a quiet war going on online. I’m not talking about what’s going on between nations, but between those who want to keep the internet open and those who want to silence it.
As the global political climate grows more polarized, websites that represent certain values, voices, or communities are increasingly under attack.
Platforms built for free expression, like WordPress, have become both the foundation of online dialogue and a target for those who oppose it. Technology is just a tool we can use to either to protect human rights or threaten them and it’s up to us to decide how it will be used.
When Websites Become Targets
Let’s start with a few simple facts about web security:
- Bots are constantly scanning your site.
- The larger the attack surface, the more opportunities attackers have.
- It’s rarely personal (but sometimes it is)
When it is personal, the consequences reach far beyond the digital realm.
Case example 1: Reproductive rights and freedom of speech
The first case concerns a website dedicated to the right to choose a childfree life.
For over 30 years, the site’s owner has written books, spoken publicly, and advocated for individual freedom of choice: the right to decide for oneself, free from external pressure.
When the U.S. Supreme Court overturned Roe v. Wade in 2022, the site’s bot traffic spiked tenfold.
Each time the topic is mentioned in political debate, new waves of attacks follow.
It’s a clear example of how digital spaces about politically charged topics can be targeted to silence viewpoints.
Case 2: Activism and the cost of weak protection
Another example is from an organization that teaches people to organize political and corporate activist campaigns. Their site has become a target for both hostile governments and extremist groups.
If attackers gained access to their member lists, contact details, or internal communications, the real-world consequences could be severe. The same risks apply to for example immigrant advocacy organizations, Pride communities, or trade unions.
Any platform that represents marginalized or outspoken groups must consider security not just as a technical safeguard, but as a matter of personal safety and human dignity.
Security is Freedom’s Infrastructure
Digital security isn’t just a technical checklist; it’s a cornerstone of equality, safety, and freedom of expression. When we build secure, accessible, and ethical digital services, we’re protecting people, not just data.
Grassroots organizations often lack the resources for extensive audits or enterprise-level protection. That’s why designers, developers, and technology partners have a shared responsibility to think security-first from the very beginning.
Building a Safer WordPress Ecosystem
WordPress is the most common CMS used for websites and therefore targeted for attacks. Here’s a list of what to consider when building a safe and secure WordPress site:
1. Think in layers
Security isn’t a plugin, it’s an ecosystem
- At the DNS level, protect against DDoS and bot activity
- At the server level, lock down ports, keep software updated and as minimal as possible
- At the application level, apply WAF’s, two-factor authentication and hardening
2. Reduce your attack surface
- Use only the plugins you truly need
- Vet third-party code carefully and keep everything updated
- Custom-built is often safer and lasts longer than ready-made
3. Prevent data leaks
- Audit your public folders, sitemaps, RSS/Atom feeds, and REST endpoints for sensitive information.
Even small oversights can expose internal data
4. Prepare continuously
- Security isn’t a one-time project, it’s an ongoing mindset
- Use remote logging, backups, and active monitoring
Hope is an Act of Resistance
When news headlines make the world feel hopeless, it’s easy to think our small actions don’t matter. But that’s exactly how malicious actors thrive, by making people give up.
Every secured website, every proactive measure, and every line of responsible code contributes to a more resilient internet - one that still stands for free expression, inclusion, and human rights.
When we help our clients protect their websites, we’re helping them protect their voices. And that’s what the internet was meant to be: an open, safe space for ideas, creativity, and connection.
