Do you fear that upon visiting your website one day, you’d be greeted with a message left by a hacker on the site? God knows how long the message has been there and how many people have seen it. It might still be OK if your reputation has just been tainted for a while but what if your contents have been removed, your website made inaccessible and your customers’ details have been stolen?
The LinkedIn hack incident being the most recent one, where 6.5 million credit card details were stolen. It is safe to say that being hacked is every web owner’s worst nightmare!
There is no surefire way to deter hackers, what you can do is to beef up security and make it tough enough for the hackers to crack through. Hopefully they’ll give up when they discover that you’ve made things tough for them but if they do succeed, at least you had put up a fight! So here’s what you can do to secure your WordPress website from hackers:
1. Choose a strong, long password
Everyone knows how important a strong password is but why they do not come up with one remains a mystery. They can even tell you that a good password would consist of upper and lowercase letters as well as numbers and symbol.
But these same people possibly have passwords such as 1234 or a1b2c3d4. Some think that birthdates and car plate numbers are safer choices but these aren’t the best choices especially if your personal details can be gotten online.
2. Change the ‘admin’ user name
WordPress comes with an admin user by default. The hackers now only have one challenge, which is to decode the password, as they already have the ‘admin’ as the username. Remove this login name but you can still retain the admin rights; simply create a new account with the desired rights.
3. Change the security keys
What keys? There are keys in WordPress?! For those who are not aware that their WordPress blog has security keys, you can think of these keys as the gateway to your site. With these keys, it will be more difficult to break into your site, just as how a thief would find it difficult to get into a home without a key.
I’m not going to go in detail here on how to change the keys, but you can read up more instructions on WordPress official website and do it yourself, no techie knowledge is needed.
4. Update, update and update
Lazy people can be protected from hackers too without doing much. If you are not keen on codes and such as those mentioned above, then keep in mind to always update WordPress to the latest version, as well as your themes and plugins. Its important that you download the latest Wordpress version and have the same updated regularly.
Updating is simple; you will be notified whenever a newer version is available and you’d just need to click here, click there, install, run and done! Updated WordPress, themes and plugins always come with newer security features which will replace the earlier or outdated ones.
5. Limit log in attempts
Hackers are human too and they don’t possess supernatural ability or manage to obtain your password all the time. Sometimes, they’ll just keep entering possible passwords in a trial-and-error attempt. By installing a plugin called Login Lockdown, you will be able to prevent hackers from entering subsequent tries once a certain number of failed attempts have been made!
Since they can’t try anymore password combinations, they would have to leave your site.
6. Backup your website
After doing all the steps above, remember to periodically backup your website. This includes the database, images, and your WordPress themes (which you might have made customizations to). At the very least if your website does get hacked, you will still have copies of your website instead of having all your work and data gone forever!
Every effort must be made to keep hackers away. It is simply a nightmare having your website compromised and everything gone. Even worse is if financial and transaction data is stolen. Security doesn’t come easy but with the above measures taken you can sleep at night knowing that hacking won’t be easy too!