Your Website is valuable, make sure you protect it.
It can take a lot of time and effort to design, create & build a good WordPress website, even if you are using a simple to use drag and drop theme. You have to install it, set it up, add all the best plug-ins and that’s before you start customising the design and writing great engaging content for your customers to read. So, just imagine the devastation you will feel, if one day you find out that your WordPress website has been hacked and all your hard work has been lost because you have not backed up your website.
Prevention is better than cure.
An old saying I know, but when it comes to your business website, there are a few simple steps that you can take that will reduce the risk significantly.
Setup your user account properly, using “ADMIN” as your user ID means that hackers only have to get hold of your password, cutting out 50% of your protection, and make sure you remove the ADMIN ID once you have created your new user accounts.
When setting up your new user ID, setup a couple of different ones, so you can use a non administrator account for your posting and a separate one with administrator rights for other tasks. This is because, when you add posts to your website, you’re giving out user information and you do not what hackers knowing any details about your administrator account.
Use Strong Passwords
When creating your users accounts, make sure you create password that are unlikely to be guessed, this means no using passwords such as “username1234”. Make your password difficult for people to work out, use both upper and lower case, both letters and number, and make your password at least 10 characters in length. Never share your password or use the same one for multiple accounts, even on different websites and change it on a regular basis. I know this is difficult, but it’s a lot easier that recovering from a hacked website.
Restrict login attempts
There are a couple of simple plug-ins you can add to your WordPress website that allows you to limit the number of login attempts, blocking users from trying to guess your password.
The main plug-in that people use is “limit-login-attempts” and it has worked well for sometime but there are reports surfacing that this plug-in has now been hacked, so I would now recommend installing Login Lockdown.
Always keep up to date
WordPress regularly releases a new version of their sorfware, these updates will fix bugs and other security problems, so always check you are on the latest version.Running out of date software is one of the most common ways websites get hacked. It’s not just WordPress that you should keep up to date, but all your plug-ins and your theme as well. Another good tip is to remove any used plug-ins and themes from your WordPress account.