It’s a terrible feeling: your stomach drops, you break out into a cold sweat, all of the time, money, and effort put into building your brand on a WordPress site is gone. There’s nothing left but a cruel joke that has left you feeling helpless. But don’t throw in the towel just yet, here are five ways to protect your WordPress site from being hacked:
1. Change the Default Username
When creating a website on WordPress, the default username that is assigned to you is always “admin.” It seems appropriate since you are the administrator of that site, but it is also a bad thing to keep the obvious username when continuing to sign in to your site. Change the username to something more unique for your personal use. If you have already created the “admin” account just create another account with “administrator” access and make that a different username while deleting the original account.
2. Avoid Easy Passwords
This one may seem pretty obvious, but there are people out there that pick the same password for every login and keep the password simple enough so they will remember it. I know it may be hard to remember your password when you’re using upper and lowercase letters, numbers, and obscure symbols but it will be worth it in the end, I promise. The more complicated your password the more security you have over the many hackers that are out there in cyber space.
One way you can keep up with all of your (hopefully) very complicated passwords is a thing called LastPass. This password manager will save your usernames and passwords from every site and will put them into a “vault” to save them when you need them.
3. Update all Plugins and Themes
This is one that seems to be overlooked quite often. You go into your WordPress site and add a new theme here and a new plugin there and you go off thinking everything will be fine, but when updates come out for that theme and plugin it leaves them vulnerable to being attacked by hackers if they aren’t updated. With each new update for these themes and plugins comes more security to plug up the wholes that were left in previous versions. Sometimes updating is as easy as clicking a button, but other times it can wreak havoc on your site usually because there is incompatibility between your plugin and WordPress versions.
4. Back Up Your Site
Always, always, always back up your site. ALWAYS. If anything ever goes wrong with your site and you lose any or all information you must have a backup. Backing up your site will save you time and money (as well as hours of frustration). Just think: your site gets taken down or overrun by hackers, you don’t have a backup of your site, your site visitors think you’ve gone out of business, what do you do? With a backup in place you can return to the same site you had before the chaos began (assuming you run backups of your site files and database often) and continue with your work. This is a task best automated because according to the Wall Street Journal 58% of companies have done little if anything to have the chance to recover lost data in the event of their site being hacked. With an automated backup system you won’t ever have to worry about backing up your site manually again.
5. Find a Reliable Host
Finally, you must find a host that is always SAFE and RELIABLE. Let a hosting site (that you trust) take some of the time and effort off of your hands to maintain your WordPress site. Most “cheap” hosting sites only do the bare bones hosting, which leaves you to pick up the pieces when something happens.
I hope you will take advantage of these tips to make sure your WordPress site stays safe and is strong enough to keep hackers out!
7,200 WordPress sites are hacked EVERYDAY*! Don’t let yours be next.