WordPress has become basically the most popular website design template in the world due to it’s user-friendly interface, but that means it’s also going to be a big target for hackers. However, many hackers are lazy and try to prey on the unprepared for an easy payoff, so there are a number of basic precautions you can take to keep hackers away from your site.
There are many host providers out there and not all of them are equal. Do some research on your own of course, but we recommend Bluehost.com.
Updates, Updates, Updates
The older WordPress itself or many of its plugins become, the more holes hackers can find in their defenses. Updates are a vital defense that developers provide users with in order to avoid hacker attacks – stay updated.
Sites don’t ask you to set a strong password for your health, they do it so that password-spamming software won’t break into your site. Set a strong password with numerical characters, random capitalized letters, and symbols.
Same goes for usernames. Although this isn’t as vital as the password, there was a recent hack wave that hit many sites with the a username of “admin” and a weak password. Preferably set a personal username at the least.
Avoid Free Themes
Although there are plenty of great free themes that you can trust, there are also as many with base64 coding – a malicious code used to insert spam links into your site and open other holes for hackers to take advantage of. Besides that, premium themes are just worth it!
Backup Your Site
There is a great plugin called WP Clone which allows to easily create as many backups of your site as you need, and it’s free!
Last but not least, there are a number of security plugins available for WordPress. Here is a list of some of the most popular:
- http://wordpress.org/plugins/better-wp-security/ – offers a wide range of security features.
- http://wordpress.org/plugins/bulletproof-security/ – protects your site via .htaccess.
- http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ – adds a firewall to your site.
- http://wordpress.org/plugins/sucuri-scanner/ – scans your site for malware etc.
- http://wordpress.org/plugins/wordfence/ – full-featured security plugin.
- http://wordpress.org/plugins/websitedefender-wordpress-security/ – comprehensive security tool.
- http://wordpress.org/plugins/exploit-scanner/ – searches your database for any suspicious code.