Avoid Lock Outs and Protect Yourself from WordPress Hackers

If you haven’t already experienced a lockout or hacker intrusion, you are one of the lucky ones. The effects of hacking are not minor, they can bring down your entire operation, cause you to lose all of your work. Don’t put securing up your website at the bottom of your to do list or it might be too late. Let’s look at some things you can do to make sure your site is secure.

#1 Start by Creating Solid Passwords

One of the easiest ways to get through a site’s security is with their password. Many people put off creating solid passwords because they claim they take too much time, but think about the time it will take to try to rebuild all your hard work.

* Every password on every site should be different
* Every password should be at least 15 characters
* A password is strongest if it is not a real word
* Use a mix of capital letters, lowercase letters, special characters and numbers.

Your password is your first line of defense against hackers, so make sure it’s strong. Never write your passwords down, they should always be kept in your head or you can use password manager such as Keeper Password Manager.

#2 Make Sure Your Site is Up to Date

WordPress has a lot of updates, too many people don’t bother getting all of these updates, and many of them fix security breaches and bugs, as well as providing the latest features. Sure, it’s hard to stay ahead of the hackers, but taking every step possible makes good sense.

#3 Change Your WordPress User Name

When you set up your WordPress account, you will get a default login username of admin. You need a good username with a strong password.

#4 Protect Yourself from Brute Force Attacks

You may not be aware, but almost every website receives more than a couple hundred unauthorized login attempts every single day and that includes your website. To guard against a brute force attack make sure you have put into place all of the suggestions. You can install the iThemes Security Pro plugin for WordPress to protect your site from these kinds of attacks.

#5 Monitor for Malware

You must be constantly monitoring your site for malware. iThemes Security Pro is a good solution for your WordPress site and it even has a free basic version. Thought the Pro version has many additional features.

Making Sure Your WordPress is Securely Installed

Often the One-Click installs offered by many web hosts don’t install the latest version of WordPress, so after installing it, check to see if it’s the latest version and then do an update if needed. Also check the default themes and plugins and update them if necessary.

Bitdefender WW

The next thing you need to do is take care of security issues on your site. WordPress has a plugin called iThemes Security Pro (formerly Better WP Security), that lets you change certain WordPress features to make it more difficult for the hackers to gain access. Be sure to take advantage of this tool to give you the best chance at a secure WordPress site.

iThemes Security Pro will let you:

* Change the default ‘Admin’ username to something different
* Lock entrance to the admin at specific time periods
* Change your admin user ID from 1 to something different
* Ban users based on the IP addresses
* Automatically email your database backups to yourself
* Change the URL you use to login from wp-login to something different
* Change your WordPress directory files from wp-content to something different
* Change your database prefix from wp_ to something different
* Check the number of hits on 404 pages and lock the user out if they are excessive
* Track any file changes
* Limit the number of times you can login attempts with the wrong password

And there’s more.

One of the easiest ways to get through a site’s security is with their password. Many don’t take the time to create solid passwords because they claim they take too much time, but compared to the time it will take you to attempt to rebuild your site, it seems like such a small price.

When you are creating a password:

Every password should be at least 15 characters
Every site should be different
Is strongest if it is not an actual word
Is strongest if it is a mix of special characters, lowercase letters, capital letters and numbers.

Regular Backups

The last thing you need to do is make sure you are taking regular backups of your site files and database(s). That way should the unthinkable happen, you will at least have a backup safely stored away, which will certainly reduce your stress.

One of the most popular plugins for doing this is called UpdraftPlus. This will create a backup and then upload that backup to Dropbox for safe keeping. You can also email that backup to yourself. That’s because the Dropbox plugin keeps only one backup, so sending to yourself allows you to keep many versions.

Get busy, add your plugin(s), change your passwords, make your backups and make your site as secure as possible.

Its Easy to Protect Your WordPress Website Against Security Breaches

If you have a WordPress site, it is very important that you take at least the basic steps to ensure you are secure from hackers. This isn’t really ‘news,’ after all this has been known for a long time, yet still many people do not stop and consider website security when they are creating their sites. They don’t do any reading on the topic because it’s too technical and just plain boring, and far too often people think it won’t happen to them. Therefore, they also don’t do anything to protect their blog or site. The good news is that in under 30 minutes you can improve your security and not spend a cent.

#1 Change the ‘Admin’ Username

The default login for WordPress is ‘admin.’ Trouble is most users just keep it that way, making it incredibly easy for hackers to figure out your user name. Now they are already half logged into your site. Change the ‘admin’ login into something new! Be sure to attribute your admin posts to your new user before deleting the admin user account.

#2 Create a Strong Password

Your WordPress is only as strong as your weakest link, and your password is often that weak link. Hackers use software that scrolls through hundreds of thousands of words looking for a match, which is why you should not be using a real word for your password. You should also not use a logical sequence of letters or numbers. So don’t use your pet’s name, your birthday, your phone number, etc. You can use a password generator to help you if you have trouble coming up with a strong password.

#3 Delete & Update

WordPress is known for being weak on security. The reality is WordPress is only insecure when the users do not keep it current. Any part of your website that isn’t running the latest version is always at a risk of being hacked. Hackers are constantly looking for vulnerabilities and if you aren’t staying current you are at risk. So make sure you are running the most current version of WordPress, installed plugins and themes.

#4 Limit the Login Attempts

Install a plugin that will limit the number of times a person can try to login before the site shuts them down. iThemes Security Pro lets you do this. When you limit the number of times one can try to access your site, you reduce the likelihood of being hacked.

That’s it – there’s plenty more so don’t stop after you’ve done these four things, but this is a great place to start.