Essential Website Security Features for WordPress
- July 22, 2020
- Bradley Taylor
There are literally thousands of servers around the world dedicated to hacking into websites. The person or persons who set them up hope to hack as many websites as possible for their own personal gain. These motives can range from holding the site for ransom or simply turning it into a zombie site which they will use to run their malicious code.
If you are operating a website that is using the WordPress platform, there are some really solid steps you can take to prevent your website from being hacked. In this article we will go over a list of things you can do.
- Login No Captcha reCAPTCHA (Google) – This is a plug-in which helps keep automated bots from logging into your site by guessing username and password combinations. It requires the person attempting to log-in to perform a security test to prove that they are human.
- Ip Geo-Block – This plug-in will help you block visitors from other countries. You can create a whitelist of which countries to allow. Blocking countries like China and Russia will cut down on the hack attempts by 50%+ right off the bat.
- Make Sure You Keep Plug-Ins Updated – Older versions of plug-ins are susceptible to hacking. If you no longer use a plug-in, you should delete it.
- Never choose the username “admin”. It is the very first username all hacking programs try. Use any other word for your username and you should be fine.
- Change your passwords every six months. Yes, it is a pain in the butt, but passwords have more of a chance of getting discovered the longer they are used. Changing them is key in preventing this.
- Use password generators. Using a generator will help create a password that is very hard to break. If you use your kids name or your own middle name you just made it easier for a hacker to access your site.
If your website is hacked then you may never get it back. If your website is valuable to you and your business then you should do whatever it takes to keep it from getting it hacked. Hackers will often ask for thousands of dollars to give you access to your own site again. And it will take thousands of dollars (or the equivalent in time) to build a brand new website.