- Do regular maintenance. Just like with your car needing an oil change, your WordPress blog should have a basic tune-up regularly. Make sure you are using the latest version of WordPress and keep your plugins up-to-date too. It’s easy for plugins to create a conflict in the backend of your WordPress site.
- Get professional help. Do not diagnose the problem yourself, hire a professional that does website recovery work. Keep in mind, the person who built your Web site might not be able to determine how to stop a hacker attack.
- Make sure you have the appropriate hosting option. If you have a site that gets major traffic – over 25,000 visitors a month like this one, a shared hosting server will not cut it. You might need to look into having a dedicated server, which is pricey, but can provide an additional security options to give you better peace of mind.
- Keep a list of your passwords and plugins. You should have a permanent file in Google Docs or DropBox with all of the logins to the site and your hosting account. You also need a list of plugins that are being used on your site.
- Do regular back-ups. Make sure you have at least monthly back-ups done for your blog. (I do them weekly.) WordPress has a great free plugin for back-ups called myRepono. You can automate your WordPress, website and database backups using the myRepono plugin.
- Delete the Admin login to your site. You never want to make it easy for people to gain access to your website. By using “Admin” as your login, you are giving hackers half of the information they need to break into your blog – then all they need to do is guess your password to gain access to everything.
If you do these things, hopefully you will avoid the chaos that can happen when your WordPress site is hacked.
“Username Password word” courtesy of digitalart / www.freedigitalphotos.net
Do you have any other suggestions for protecting a WordPress site?