WordPress websites targeted by hackers over the holiday period
I see on Social Media that a good number of my contacts have had their WordPress website hacked over the holiday period. Although there is plenty of advice online on how to protect a WordPress website from cyber attacks, it never ceases to amaze me how even the following fundamental mistakes are repeated:
Remove any username called ‘admin’
If your website includes a user called admin it means half of the work is already done for the hacker to gain entry to your website. All they need to concentrate on is cracking the password. So, remove any users called admin and avoid any obvious names.
Create a random password
Do not make up passwords that are logical, easy to guess or formation of words e.g. pa55w0rd
Click here to use this tool to check how secure your password is
Run the updates
Because WordPress is so easy to hack they are forced to regularly update the security of their software. However many hacked websites are simply the cause of nobody taking the immediate action to update the site. What’s worse is many templates are so poorly coded that you run the risk of breaking your website when you update it.
Update your plugins
The other very common route hackers gain entry is via plugins or templates that are poorly coded and/or nobody has taken the care to update them (either the developer or the person maintaining the website)
We used to see WordPress as a threat to our Web Development service but increasingly it is actually turning into an opportunity.
If you have a WordPress website you should ask your hosting company the following:
- What steps do you take to keep WordPress and all plugins secured and up to date?
- How do you monitor hacking attempts – particularly during holiday periods
- How do you detect whether my website is compromised?
- What steps do you take if a hacker has gained entry?
- How often do you back up our website and how quickly can you restore it?
- Is our website hosted on a fully managed and monitored dedicated server?
If your website is on a DIY hosting platform – then all of the above is down to you.
One simple solution is to move the hosting of your WordPress site to Easykey.
No, it is not the cheapest hosting solution but you can be assured that it is safe and secure and that it is monitored by a team 24 hours a day, every day including holidays.
Also we have the expertise to teach you how to maintain your website or carry out modifications and fix anything that is broken.