The flip side is there are hackers who are trying to exploit WordPress security vulnerabilities. WordPress is hacked more often than any other CMS due to its popularity. The below infographic shows some simple tips to make WordPress more secure. Remember, you can never guarantee 100% safety when it comes to the online world but, the more precautions you take the less likely your site will get hacked.
Infographic source: Your Escape From 9 to 5
Start with a Strong Username and Password
Please make sure you are not using the default ‘admin’ username as it is the most likely username hacker’s target. Strengthen all your passwords including emails.
Hosting, Themes and Plugins
42% of WordPress sites get hacked because of security issues with the host. So review your host, themes and plugins. Remove unwanted themes and plugins. Test your host’s backups so you can recover if you are ever hacked.
Keep WordPress Up to Date
The most common reason a new WordPress version is made available is due to security patches and updates. So by not updating your WordPress site you are inviting trouble or maybe hackers. You should also keep plugins and themes updated.
Restrict Unsuccessful Login Attempts
Use a simple WordPress plugin like LoginLockDown to restrict the number of failed login attempts from any given IP range within a pre-defined amount of time.
Use a Content Delivery Network’s (CDN) Firewall
A CDN can not only speed up your website speed but it can also act as a firewall between your host and the rest of the web. The more barriers the better chance of your site being skipped by an intruder.
Consider Two Factor Authentication (2FA)
Some banks use SMS codes as an additional security measure on top on the regular username and password as a means of two-factor authentication. Depending on the data you are trying to protect on your site like credit card information on an eCommerce site you can consider using 2FA.
Conclusion
If you think a small WordPress site is useless to hackers, you may be right. But hackers are not trying to get access to one site they want to control 100s if not 1000s of sites for their illicit activities online. Safeguarding your WordPress site is a proactive measure as you need to strengthen the wall before the war or else you will be breached. Featured photo credit: Cent Muruganandam via yourescapefrom9to5.com