According to WP White Security, more than 70% of WordPress websites are vulnerable to a hack attack! But don’t worry – it’s easier to deal with than you think!
INSTALL WORDPRESS SECURITY PLUGINS
Never is it a bad idea to find the security plugin that works for you! “WP All-in-One Security” is the one we use and recommend to clients because it has Brute-Force Protection, a File-Change Scanner, a Firewall, and much more! It even has a “Security Strength Meter” to show now secure you can make your site!
USE STRONG CREDENTIALS
Just create a password (even the one that can be auto-generated by WordPress) that’s at least 12 characters in length and doesn’t just use letters (regardless of capitals or lowercase) or numbers.
KEEP A CONSTANT WEBSITE BACKUP
This is a must-have regardless what happens! Use “BackWPUp” and have it run a backup at the very least once a month!
SCAN YOUR SITE FOR MALWARE
Plugins make it possible to scan your WordPress site for malicious code using a scanner like “Anti-Malware from GOTMLS.NET” – get it for free and scan your site immediately!
LIMIT YOUR LOGIN ATTEMPTS
“All-in-One WP Security” can do this too, so make sure to limit the number of attempted logins so a hacker can’t get in after a number of failed tries to break in!
CREATE A NEW ADMIN IF “ADMIN” IS YOUR USERNAME
Hackers will use the username “admin” because it’s the most commonly used username in WordPress. Make a new one with administrator rights and delete the old one so they can’t get in!
USE TWO-FACTOR AUTHENTICATION
“All-in-One WP Security” does this too by adding a CAPTCHA, but you can even send you a verification code by cell-phone! This makes it much harder for a potential hacker to get into your site!
KEEP WORDPRESS UP TO DATE
This is easily done without you pressing a single button by adding this to your wp-config.php:
define( 'WP_AUTO_UPDATE_CORE', true );