Protect Your WordPress Website From Being Hacked

Protect Your WordPress Website From Being Hacked

It’s not a matter of if, it’s a matter of when. I used to think that websites getting hacked only happened to large corporate entities who had lots of money. Certainly hackers have better things to do than to attack small business websites. Then it happened to a former client. Then it happened to a website I was in the process of still building. Needless to say fixing a hacked website takes a lot of time and money. Something not all of us have. So, how do you protect your WordPress website from being hacked? In an effort to protect small businesses out there, I’ve written a list of my top 3 recommendations you can use to protect your WordPress website.

Update WordPress & Plugins

This is the number one thing you can do to protect your WordPress Website from being hacked. A lot of updates aren’t feature updates, they are security updates. That means if you don’t update your core WordPress site and your plugins, you’re exposing your website to known security flaws. Also, make sure to delete old unused plugins. Just because a plugin is not activated doesn’t mean it’s not on your website. The files are still there and hackers will use those old files to create back doors into your website.


Take Regular Backups

There are services available that do this. However, I’ve found it’s best to do this manually. The reason I prefer a manual back up is because automatic back ups get overwritten and some threats sit dormant on your website for a period of time to ensure it gets into your backup versions. If you’re doing this manually, you can take backups when you do major updates to your website, when you update WordPress, or at a set time. Another other good reason to do a manual back up is that your website stores it’s automatic backups on the website’s server. Which means an attack could corrupt or delete those backups rendering them useless. If you’re doing it manually, you can store the back ups on a seperate cloud service like Dropbox or Google Drive.


Limit Login Attempts

This should be one of the first things you install on your website. In the cases where I saw websites hacked, the virus had disabled this plugin. That being said, this is still a good tactic to use. If an attacker can only attempt to guess your password in 3 tries, odds are they won’t succeed.


Other Useful Tips

These are the top three preventative measures I recommend to protect your website. However there are other useful ways to prevent your WordPress website from being hacked. Check out this blog post from WordPress Beginner for their tips on how to protect your website.


Comments are closed.