Tips For Preventing Your WordPress Site From Being Hacked

Tips For Preventing Your WordPress Site From Being Hacked
July 15, 2013 Webmaster

preventing-websites-from-being-hacked

Whether or not you make money using your site, getting hacked is unacceptable, it is like invasion of your personal space. The internet has made it possible to buy and sell products and services in the comfort of your home therefore most businesses are online. The safety and integrity of your content is of utmost importance.

Before we go into how to protect yourself from hackers, let’s first answer some questions about hacking.

1. What possible reason would someone have to hack my site?

The answer to this ranges from “just because they can” to hiding illegal activity. The most common reason a website is hacked is to infect it with malware that can spread to the computers of those visiting your website.

2. Who would hack my site?

Before you start thinking up conspiracy theories of the government monitoring your activity, think local, a competitor looking to put you out of business could simply get your site hacked but before you start pointing fingers remember that criminals abound on the internet. As most businesses have personal information on their sites, a criminal hacker could easily do this in an attempt to sell the information you have on your site. Not only can they hack your site, but they can also use it to hack into other sites therefore ruining not only your business but your reputation.

3. How will I know if I have been hacked?

The hackers who do it just because they can will usually deface your site. Usually replacing content. Others will change prices or stock information. It’s not always obvious that you have been hacked. Some hackers will add links to their sites so your uses will be directed where they want them to go. Some will install malware that will infect the user’s computer when they click on them.

Keep an eye on your site and check on your ads and links to make sure that they are not corrupted.

It is important to keep your website as protected as possible. Here are a few easy tips to help you along.

1. Backup all your data.

When doing anything, make sure you have backup. Backup everything! You can choose to do it manually before or after making any changes or use a plugin.

2. Change your password.

WordPress gives you a default password which is ‘admin’, everyone knows this and it will be the first one that hackers will try. Change it. Make it as complex as you can, use caps, letters, numbers, anything you can to make it difficult for someone to get in.

3. Update your version of WordPress.

WordPress is continuously updating and fixing holes that hackers use. Make sure you update every time a new version is created. Follow web development to keep up to date with new security measures.

 4. Install WP security scan.

This is a very helpful plugin. It will scan your blog and let you know if and when it finds any suspicious codes. Green in tour admin panel means everything is good.

 5. Do not allow directory browsing.

Hackers can easily find out about your directory structures and find three holes in your site when they browse your directory. Stopping this is as easy as adding 2 lines in the root directory of your .ht access.

 6. Restrict admin access.

The only person who should have administrative access is the administrator. Check for all profiles that have admin access and remove them. Do not give access to people you do not know.

 7. Avoid Public Wi-Fi.

It’s undeniable that we enjoy using free internet, but keep in mind that public Wi-Fi is the perfect fishing site for hackers. Do not use it if it is not protected.

 8. Add captcha

The captcha function is important and makes it hard for bots to login into your site. This will not only prevent hackers from gaining access but will also prevent your site from getting spammed.

9. Set up an authentication app

There is a new security feature called two step authentication that generates a new code every 30 seconds. It is a Google app provided by WordPress.com. Just remember to keep your cellphone with you all the time.

10. Change table prefix.

The prefix for WordPress is WP and hackers know this. Just as you need to change your password, you also need to change this prefix. You can rename this whole prefix into something hard to guess that no one other than you would know.