Category Archives: online security

Cyber Security Steps For Your WordPress Site

Cyber Security for your WordPress SiteCyber security is now a major concern for any online business. With the rapid growth of cyber attacks like malware and particularly ransomware, even the most humble website needs to be secured.

Most websites today are built on the WordPress platform. Now personally, I LOVE WordPress because it is:

  1. Free (and who doesn’t love that?)
  2. Easy to update
  3. Easy to customise (with a massive amount of themes and plugins available)
  4. Well supported (easy to find solutions to common problems)
  5. Optimised for SEO (easier for your content to get found online)
WordPress is perfect for business... and hackers
WordPress is perfect for business… and hackers

Unfortunately this popularity has a downside: it’s made WordPress a prime target for hackers and scammers. A hacked website can cost you thousands of dollars to recover, along with many hours of frustration.

Here are some ideas for protecting your online business.

FIRST – don’t use the standard “admin” username. Hackers using brute force attacks will start with this username because it is the default one, which is often not changed. You can make life harder for hackers simply by using something unique.

SECOND – PLEASE don’t use a common word as your password! The same hackers using brute force for your username will also be doing the same thing on your password. If you’ve made it “password”, “secret”, “belinda” or something else common, you’re just asking for trouble. The best passwords I find are a combination of a few small words separated by a #, %, * or some other character. This makes the passwords easier to remember but still hard to crack.

THIRD – Change your default admin login path from the default /wp-admin to something unique. There are several plugins you can find online to do this. While this step won’t deter the serious hacker, it will confuse and block the amateur.

FOURTH – Limit the number of login attempts. This will force the would-be-hacker to change their IP address and hopefully get so frustrated with you that they giveup. Well… you can live in hope, right?

FIFTH – Implement a captcha mechanism. Again this isn’t going to stop the serious hacker (they’ll be using decaptcha tools to work around your captcha!) but it is another security measure you can easily implement.

SIXTH – Install a decent security plugin. There are many out there including All In One Security. Using professional plugins will allow you to make other changes such as implement a website firewall, restrict access to key website files and more. In fact some plugins will let you change the previous 4 areas directly, making your life much easier! And it’s a lot more effective than trying to install 4 or 5 individual plugins to achieve the same result.

If you implement all of these steps, you’ll be well on your way to blocking those #$!#@? hackers, and keeping your site running fine!