6 Tips You Must Follow
Always use 2-step verification to log in to your WordPress site. If this is too much ‘friction’ for you, at least follows these 6 steps. They won’t stop the determined hacker, but it will add significant protection.
1. Avoid Weak Usernames
Never use the default “admin” or the name of the website as a username! It’s scary how many do. Hackers try these options first.
2. Avoid Weak Passwords
For help on this, read more >
- Do not use universal passwords
- Avoid obvious personal info
- Do not store passwords electronically
- Use alpha-numeric and mixed case characters
3. Limit number of login attempts
Lock out visitors after a maximum number of incorrect entries of
4. Be on Your CMS’s latest version
Whether it’s WordPress, Joomla, Drupal etc, upgrade to the latest version of ‘the platform’ immediately, to ensure you have the latest security.
5. Keep Plugins and your Framework or Theme Updated
Whilst 3rd party software saves on development costs, they are also a vulnerable point of attack.
- Use plugins sparingly. 12 is low. 30+ is high risk.
- Only use well-respected providers
- Install updates as soon as they are released
6. Security Plugins
There are some excellent security plugins out there for blocking attempted hacks.
- Instal a plugin to track and lock out attempted hacks
- Instal a spam comments plugin to block users who post malicious links
As mentioned, whilst these six measures won’t stop the most determined hacker, these will make your site much more secure.