WordPress is a highly popular platform to build websites. We see a majority of our clients use WordPress websites. With this increased popularity of wordpress it has become a popular hacker target. Now you may wonder why someone want to hack your website. There could be a multiple reasons but what stands out is that hackers use hacked web servers to send spam email, also they use hacked websites for blackhat seo tactics like link building etc.

We have listed few steps to secure your website but it is very important you take a back up of your site before proceeding. Because if your site uses a custom WordPress theme it could mean that upgrading WordPress version may break your site. We use a plugin called Duplicator to backup sites and if something were to go wrong we can always roll back to a working version and troubleshoot from there. With that in mind,

What can I do to secure my WordPress website.

    • Backup your website first!
    • Change the default username “Admin” to something not so obvious to guess. This is something that many developers do as a standard practice because a hacker will always try this username first.

To do this you may need to create a user with a different name and give administrative access, login as the newly created user and remove “Admin”user to make this change

    • Upgrade your site to the latest WordPress version

WordPress releases software updates quiet often which fix security issues and improves site stability

    • Update WordPress plugins on your website

Hackers can use plugins with weak security measures to gain access to your site. Developers who create these plugins will patch security flows releasing upgrades. So unless you update the plugin your site will become vulnerable to these attacks.

What if my wordpress site is already hacked

In an unfortunate event of your site has already been hacked what options are available to you ? What I usually do is walk around upset for a little while, saying ‘why’ a lot. But here is how to deal with it when you calm down.
You’ll need to clean the site and remove any malicious code from your site that may have been planted by the hackers. Google will also blacklist your site if it finds that the site is harmful to visitors, or leave an unattractive message on your google listing recommending people to not click through to your website.

If you are in need of help to fix a hacked WordPress website, Contact Chris or his dev. team at Christom Web Design

You can also keep up to date with what’s happening in WordPress security and newest WordPress attacks by following these blogs.

  • https://blog.sucuri.net/
  • http://www.wordfence.com/blog/