WordPress Security 101
Security is something we usually think about once it is already too late. Don’t let yourself get in that position. Don’t wait for hackers to make the first move. Don’t share the destiny of many, being lazy or uneducated can get right back at you. If things escalate, call professionals – we can clean, secure and maintain any of your website.To prevent the worst scenarios, check some of this points we have prepared for you:
Select proper hosting provider
We will be writing about host providers pretty soon, until then, check BlueHost and FatCow.
Learn about brute force login attempts
This is the most common way how someone can break in your website.
We all know that the most common username of the top (first) administrator account is admin, because that username is suggested by default at the beginning, during the installation of the WordPress.
Once we know the username, all we need to do is to guess the password. Hackers do that by trying each combination, for example “aaaa”, “aaab”, “aaac” and so on, for any number of character, until they guess the right one.
Create and safely store strong passwords
Now you know why most of the websites force you to choose a password that is at least 8 characters and they tell you to pick at least one letter, one number and one symbol character.
The more characters you pick, the longer will it take for someone to guess your password and if you have all the different type of characters, it gives a lot more different combinations for someone to try.
Keep in mind, never use the default admin username, admin.
Add an additional layer of protection
There are plenty of different plugins whose primary purpose is to help you protect your website.
You can try some of the best:
Each of them has advantages and disadvantages, but in any case you can be sure – it’s better to use any of them than leave your website unprotected.
Always keep the core, plugins and themes updated
Old and outdated plugins are the most common ways to get in trouble. Hackers already know loopholes in the old versions of the code and they are more than prepared to use them.
When we remember that all the code that you are using is Open Source and build by the community, the seriousness gets bigger because anyone can get the copy of the files you are using and to study them in order to find the best way to crack them and “get in”.
What ever happens with your website, don’t panic!
In theworst case you will rebuild it from clean installation and salvage most of the content, while your users will experience a small delay in using your services.
In case you need help restoring previous state – call us for help and our professionals will do it for you.
Read more: WordPress Codex: Hardening WordPress