How to protect your WordPress site and your business
Depending on which sources you choose, there are anything upward of 74 million websites relying on WordPress today. I mention this because our WordPress site was the subject of a determined hack attack trying to brute-force the login to ENNclick.com. Fortunately, we were lucky. Our host, Nethosted, could see what was going on and in short order made it a lot more difficult to brute-force our website by adding a secondary server-level login.
The problem is these attacks are hugely lucrative as, even if only a tiny percentage are successful, it gives the attacker a platform to spread further malware to unsuspecting website visitors. Or, it can provide an opportunity to steal private information which could lead to compromising other logins for more sensitive web-based services.
Many people still use the same username and password for most of the websites they use. Do not do this. It’s easy to create a unique and distinctive password for every single login with services like Lastpass, which can remember your unique passwords and even set them up for you. With unique logins, you’re better protected, because even if one site that holds your details is breached, it doesn’t make you susceptible to follow-up breaches on other sites.
There has been a significant upsurge in brute force attacks on WordPress-powered sites. You can get a little more on the scale and context at Wordfence. This company produces a handy plugin for WordPress sites called Wordfence Security and, under the guidance of our hosting company, we added it to our site, along with another plugin called AntiMalware from GOTMLS.
Other simple things you can do are, in no particular order:
- Add Google two-factor authentication to your login page
- Hide your login page to prevent brute force attempts
- Always change the default admin username
- Backup your site regularly
- Use unique passwords and logins for every website you rely on
You can find out more about other simple security measures you can apply from the Designers Guide to WordPress 20 Simple Tricks to Secure Your WordPress Website in 2016
Ralph Averbuch is a marketing consultant and technical services manager for ENNclick.com. Connect with him at LinkedIn.
Main image by Alex G on Flickr.
Talk to us
Ireland: +353 1 657 1660
UK: +44 207 993 4563
Cork: +353 21 2348474
Edinburgh: +44 1875 341 583
London: +44 207 993 4563
USA: +1 978 775 5430
Receive our latest blogs and how to videos by email. Subscribe to our email newsletter.
- Of all the factors that can influence the succe...
- We’re always on the lookout for tools tha...
- When writing your social media posts, respect y...
- Even the most seasoned expert, writing on their...
- Google's recent warning on blog post content is...