We have seen a distinct rise in WordPress websites being hacked over the last 6 months. Gone are the days of thinking “it won’t happen to us”, because it most probably will! In fact Sucuri have recently announced a rise in brute force attacks with over 40m more attacks on their supported sites since January 2015.
Here are some very easy ways to keep your WordPress website more secure, and out of the hands of the hacker. These are the real basics, so if you get these right you are half way there. However if you would like to go that one step further, contact the onefoursix team by calling 01604 779035.
- Usernames – Most WordPress websites have ‘admin’ set up as the default username. Change this immediately. Use something that a hacker simply wouldn’t guess such as ‘dWi11iams’, and delete the default ‘admin’ user.
- Passwords – Most hackers try brute force to hack a website, so a strong password is essential. We use LastPass to generate strong passwords, and then save them via their secure application. ‘Password123’ is a big no no. ‘asdn!”[GSDm23£’ is a massive yes yes!
- Update – This is essential. Make sure you update all of your plugins, and WordPress itself. Hackers often expose security holes in out of date plugins. WordPress and plugin developers regularly update their products to fix holes in their security.
- Plugins – Be very careful which Plugins you decide to use on your website. At onefoursix, we have a preferred set of WordPress Plugins, and if we do need to go outside of those core Plugins for whatever reason, we make sure that we do our research. If you have identified a Plugin that would work well on your website, the ‘number of downloads’ can be a good indicator.
- Install WordFence – WordFence is a security Plugin for WordPress, and essentially helps keep your website secure. WordFence helps scan and detect any potential malware, protect the website as a whole, block IP addresses and brute force attacks, and repair any damaged files. There is a free version (which gives you sufficient but limited access) and a paid for version. There are other security Plugins available.
- Backup – In case a hacker does get through, make sure you carry out a clean backup of your site and store it locally! There are some great Plugins for this including Backup Buddy and VaultPress. If you feel uncomfortable doing it yourself, ask your hosting provider (they often take regular backups) or a local web developer.
There are other ways you can keep your WordPress website more secure – contact the onefoursix team for more details on 01603 779035.
In the mean time, the above should be easy enough for any WordPress beginner, and will put you one step closer to securing your website.
Author: Dave Williams
Dave Williams is the founder and director of onefoursix; a digital marketing agency based in Northampton. After setting up onefoursix in 2011, Dave has gone on to grow it to one of Northampton’s finest agencies. His expertise include social media, user experience and SEO.
Share this Post