Here at vBSocial we take security seriously, especially WordPress security. There have been plenty of posts in the past that we have created to help webmasters like you – secure your website and make it safe and protected from any kinds of attacks.
There should be no question about it – security is an essential part of any blogs, websites or businesses strategy. Nowadays almost everything is connected and compromising one account could mean that the hacker could gain access to more than just one service. We have seen some big hacks in the past couple of months, including the US retailer Target – and there is no doubt that some of those mistakes have been made due to the simplest mistakes.
We tend to overlook the simple things because of how busy the security professionals are giving us the “good” stuff – often forgetting to remind us about the “obvious” stuff. I do believe that you have taken precautions I am going to list here, but I also believe that you might need a little push to perhaps implement them all and feel better about yourself and your business.
Upgrade Your WordPress CMS
Start by checking if your latest version is in fact the latest version available. Quite often we forget about updating our plugins, themes and even core installations – simply because we tend to be lazy. This needs to be dealt with, as very often updates have been pushed because of a security bug. Although it is quite rare with WordPress.
Use Unique Usernames
Don’t settle for “admin” or “sysadmin”, such usernames are in the default list of usernames that crackers use to try and brute-force your blog. You are going to avoid not only the risk of getting cracked, but also wasted requests to your server as bots usually move on when there is low success rate.
Use Strong Passwords
Again, this is so obvious but very often overlooked. You might think your password is secure, because it has 2 letters and 7 numbers in it – but trust me – it’s not. Such passwords have become incredibly easy to get access to. Use something that would take the cracker years to crack. Not to mention, changing the password once in a while is not a bad idea either.
Secure Your Login Pages
You need to learn how to protect WordPress login page, in order to prevent random people trying to access the most precious part of your website. The same applies to bots, who can only know the default login page. Once you change it you have saved yourself from one attack already.
Protect Your Email
The second place hackers are going to try and gain access to is your email – as often your email is associated with your WordPress account and they can easily reset your password to gain immediate access. Make sure your email is protected and so is the rest of the services that you use – which might affect your WordPress installation.