WordPress Security Tips; 5 Steps To Protect Your Website

WordPress Security Tips To Protect Against Current Brute Force Attacks

I’m writing today about wordpress security tips to protect your website.  You may have read in technology news that a series of “brute force” attacks are being executed on WordPress websites.  I will briefly explain what this means and how to protect your website.  We will quickly review some good practices, in general, to keep your website safe.

What Is A Brute Force Attack in Technology?

A “brute-force” attack is a relatively unsophisticated hacker attack where one or more remote computers try to guess your password. The remote computer attempting to hack your site assumes your user name is “admin”. If in fact your user name is “admin”, then half the work of gaining entry is done. They then utilize password cracking software to access your website.

Once they gain access, your site becomes part of a “botnet”, a network of machines or platforms executing programming commands from a master computer. The master command may be to issue spam or virus code.

You don’t want to make it easier to have your website hacked, and since all accounts named “admin” are being targeted, if you use “admin” as your log in name, it’s time to make a change.

WordPress Security Tips To Protect Your WordPress Website

  1. Make sure your “admin” account has been renamed, because these attacks are being aimed ad accounts named “admin”.
  2. Delete any user profiles not in use.
  3. Make sure all your passwords are difficult to guess. Use upper case, lower case and symbols. Also, using a string of unrelated words is also effective. For example: carrotbootjamaicafraction
  4. Make sure you’ve disabled and deleted all unused themes and plugins. If you are not using them, you are likely not updating to the latest versions, and that can leave your site vulnerable to security cracks by which hackers can gain entry.
  5. Make sure you have the latest version of WordPress installed as security features are updated regularly.
  6. Install a WordPress Security Plugin

Note, if you have not updated in several years, or are using an old theme, things may look a little different when you update (both on the front end and back end). We offer support if you need help. Call Zoe at 416-292-3300 ext 2.

I know for most of us, myself included, “brute force” attacks and “botnets” might sound like they are straight out of a storyline in a sci-fi fantasy movie, but these are real things, and easy enough for a very good programmer to execute. Stay safe. www = wild wild west!


TUCU is a tech support company serving Toronto & Durham Region. For a free quote or immediate help, call 1-855-558-TUCU or email us.