Hackers are getting into WordPress websites at an alarming rate – over 30,000 websites a day. Yours could be one of them if you’re not careful.
What Happens When a Hacker Gets Into Your Site
You could lose your entire website. All of the time and money you’ve invested could be gone in just one day.
Not only that, if you have any personal information belonging to you or your users, that can be stolen. This could lead to identity theft you could be responsible for legally. Many websites have a disclaimer on their site to prevent them from being sued if this happened, do you have one?
The hacker can also put a virus on your site unbeknownst to you and your users. Whenever a user is on your site, the virus will attack their computer.
All of this can be highly devastating to a website owner, and can even lead to a business closing.
The best thing you can do for yourself is to make sure you increase WordPress security.
How to Increase WordPress Security
The following are the best ways you can increase your site’s security. Try to implement as many as possible.
- Do not use admin as your administrator username. It’s so common that hackers try that username first. If your username is admin, they are halfway onto your site. They just need to crack the password.
- Ensure you have a strong password. If your password is easy, they will likely get it right within a few tries. Hackers research the people they are trying to scam and will have a good idea what they use for passwords. They also scrape sites to get lists of passwords, which is why you should have a different password for every site you use. You can use a password generator to help you create a strong one, such as Password Generator.
- Add an additional authentication for login. You may have seen this on some sites:
You can put this on your WordPress with a plugin like Login No Captcha.
- Avoid using plugins from unknown sources. Plugins are one of the most popular ways for hackers to get into a site. They place a script in the plugin to expose your login information, and then they can get right into without a problem.
- Update WordPress regularly. Whenever there is an update available for WordPress, get it. These updates include important changes to the platform that can prevent hackers from getting into your site.
- Turn off trackbacks. Hackers use websites to link to your site and then the notification is sent to you, which sends them information about you. You can simply go into Settings and then Discussion and uncheck the “Allow link notification from other blogs (pingbacks and trackbacks).
- Ensure you don’t have directory browsing/indexing on your WordPress site. When your server doesn’t have the file index.php or index.html, it will simply display the contents of the directory. This includes your plugins and themes and other information hackers can use to get into your site. Disabling this will keep them from getting this information. All you have to do is add this line to your .htaccess file:
Options All – Indexes
Do It Now
Don’t wait until your site gets hacked to implement these ways to increase WordPress security. If you don’t feel comfortable doing it yourself, contact us for help. We can do it for you to make sure your site is safe from hackers.