There has been an increase in malware attacks on WordPress websites. Malicious hackers are targeting the popular content management system.
Here are some tips to improve the security of your website.
Do not use the admin account username
In older versions of WordPress, the default username was simply ‘admin’. Never use this account, it is the first username a hacker will try to access your account.
In recent versions you have the opportunity to select your own username, so please ensure you choose a different username in this step (which will ensure you can avoid having to recreate a user).
To delete the old ‘admin’ account
- Go to Users > All Users.
- Then select the admin username and delete the acccount.
- Instead of deleting the posts and pages, ensure you choose another user to attribute the posts to.
Ensure your WordPress version is up to date (including plugins)
Another important step to keeping your website secure is to always have the latest versions of WordPress software releases.
WordPress make it super easy to update your software and have a lot of notifications in your dashboard so you can’t miss them.
[yellowbox]Don’t forget to back up your website prior to doing a major website update. It doesn’t go wrong often but you are better to be safe than sorry. [/yellowbox]
Use Strong Passwords
Ok, so this might seem straight forward but its very important. Don’t use your name or the word ‘password’ as your password.
I highly advise the use of upper and lowercase mix of letters and numbers.
Use the Strong Password Generator if you can’t think of a password.
ALWAYS Backup your site
You can use a range of backup plugins to back up you database and files. We recommend Backup Buddy.
Or you can back up your own website manually using your hosting cpanel and an FTP account (this takes a lot longer than a backup plugin, but you can’t beat backing up yourself).
You can follow this tutorial if you wish to back up yourself.