Protect/Secure WordPress Against Hackers

Websites are getting hacked more and more. Most of the time the owner has no clue they were even hacked. Most hacks (backdoors, viruses, worms, etc.) don't take down your website. They actually use your website to help their websites. Some of the more recent hacks end up redirecting all your search engine traffic to a different website. This will really hurt your PageRank, search engine position, and most of all your revenue. Unless you are an avid searcher for your domain/keywords, you will never see these hacks. So first off, what can you do to protect yourself from getting hacked? There are a few ways to protect yourself, and almost anyone can implement these security measures.

Installing Secure Plugins

One of the best ways to stop people from hacking your website is to install some security plugins. There are a lot of free security plugins out there that work great. Here are a couple:

  1. BulletProof Security
  2. WP Security Scan
  3. WP Login Security

These plugins are great: they really help you protect your WordPress installation and show you problems with your installation.

Backup File And DB

The next thing that you can do to protect yourself is to always have backups of everything. If you have backups of your files and database, you can always revert to an older version or move to a different server easily. Here are some great plugins for that:

  1. myEASYbackup
  2. WordPress EZ Backup
  3. WordPress Backup To Dropbox

There are a ton of backup plugins and most of them are really good. This is definitely something that you want to do, because you never know when you are going to have to repair or revert your WordPress site.

File, Folder and User Settings

There are tons of things that you can do with your settings to help protect you from getting hacked. One of the biggest and yet most exploited parts of WordPress is the admin account. I am not talking about all administrators; I am talking about the user named admin. Most WordPress installations are created with the default admin user. This is something that I would strongly advise changing. Another thing would be your database prefix. Most WordPress databases are created with the default prefix wp_. This is something that you can change when you first start your website: name the prefix whatever_ you want. You can change this after installation; it is just a little bit harder.

Permissions

The default WordPress permissions are files 644 and folders 755. A lot of your files don't need to have that much permission. For instance, your .htaccess file has a 644 but only needs a 404. Your wp-config.php has a 644 but only needs a 400. There are a lot of files and folders whose permissions you can change and still have a working site. I would recommend the BulletProof Security plugin from above. It scans your files and informs you of all the files whose permissions you can change to get better protection.
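
An added example (not from the original post or from any of the plugins named): a small shell audit that flags a wp-config.php or .htaccess with more permission than the modes suggested above, and a table prefix left at the default wp_. The function names and the sample site are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a WordPress directory for two settings from the article.
# Target modes (404 for .htaccess, 400 for wp-config.php) are the article's values.

# Print the octal mode of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Report file $1 if it grants any permission bit beyond the wanted mode $2.
check_mode() {
    [ -e "$1" ] || return 0
    have=$(file_mode "$1")
    # Bits set in the current mode but not in the wanted mode are excess.
    if [ $(( 0$have & ~0$2 & 0777 )) -ne 0 ]; then
        echo "PERM $1 is $have, article suggests $2"
    fi
}

# Audit the WordPress root $1; prints one line per finding.
audit_wordpress() {
    check_mode "$1/.htaccess" 404
    check_mode "$1/wp-config.php" 400
    # Flag a table prefix still set to the default wp_ in wp-config.php.
    if grep -Eq '^[[:space:]]*\$table_prefix[[:space:]]*=[[:space:]]*.wp_.[[:space:]]*;' \
        "$1/wp-config.php" 2>/dev/null; then
        echo "PREFIX $1/wp-config.php still uses the default wp_ prefix"
    fi
}

# Build a constructed sample site (not a real installation) in a temp dir.
make_sample_site() {
    dir=$(mktemp -d)
    printf '%s\n' '<?php' "\$table_prefix = 'wp_';" > "$dir/wp-config.php"
    printf '%s\n' '# BEGIN WordPress' > "$dir/.htaccess"
    chmod 644 "$dir/wp-config.php" "$dir/.htaccess"
    echo "$dir"
}

site=$(make_sample_site)
audit_wordpress "$site"   # three findings: two PERM lines and one PREFIX line
rm -rf "$site"
```

Point `audit_wordpress` at your own WordPress root to run the same checks; no output means neither file exceeds the suggested mode and the prefix is not wp_.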

User Accounts

As for user accounts, you should really limit the use of the administrator account. I would not have more than 5 of these, if that many. You really don't have to give the administrator privilege in order to change things on the site. You can use the editor, author, or contributor settings for people needing to change information or create posts. Another thing that you can do is add a Captcha or reCaptcha plugin to your site. This will make it so that not just anything can create a user account.

Final Thoughts

If you have had issues with hacks, I hope that this helps you and your site. If you currently have a hack, I hope that you can get it taken care of quickly. If you need some help understanding the hack, please feel free to contact us.

About Shane

Hi, I am Shane, the main author of this blog. I am a self-taught web developer. I have been working in this industry since 2008. I work a lot with WordPress, Magento, SEO & SEM, and custom-built websites. I love all sports and I will try anything at least twice.


  • Reihaan

    Nice, thoughtful and good article on the protection of WordPress. Thanks for explaining it very well.