You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you’ve built could be hijacked or worse, lost to you.
Beginning in the first week of April of this year, “botnets” have launched attacks against scantily protected WordPress sites, targeting some 90,000 at last count. This can result in many lousy consequences, such as denial of service, spam and more
We’re going to talk about how you can ensure your WordPress security, and give you and your business peace of mind. Let’s look at 7 critical steps to make sure your WordPress install doesn’t suffer the same fate. Protect WordPress wp-login Page
1. Keep your WordPress Installation up to date – One of the easiest and most valuable tasks you can do yourself is to make sure your WordPress installation is updated. WordPress gives you a notice on your dashboard, so there’s really no reason to not do this.
2. Employ better usernames – The thrust of this latest WordPress attack was aimed at sites that had not changed their usernames from “admin”. Once they found these sites, these botnets went to work with software, guessing logical passwords-and many times hit the jackpot. Using almost anything, (except your email address) is better than “admin.”
3. Use strong passwords – Do your best to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
4. Protect your login credentials – Don’t keep your login credentials where a hacker might find them. Store them offsite, and even offline. Roboform is good for protecting them, too. Food for thought!
5. Don’t depend on your Web host – Many people depend on their web host to “do all that technical stuff for me”, not realizing that sometimes, they don’t! Far better to have the responsibility lie with you, instead of out of your control.
6. Make a clone of your website – A WordPress clone of your site can be a very useful thing to have, particularly if you want to migrate your site or do some redesign work without having to do it live for all the world to see as you go along.
7. Perform regular backups – Make WordPress backups regularly, at least once a month. The easiest way to do this is with a plugin that you can schedule, that is updated to the current version of WordPress, and has restore capabilities.