WordPress is Super Popular
According to a survey by W3 Techs, WordPress now powers 27.1% of the internet, and is the Content Management System of choice 58.5% of the time.
Why is this significant? Other than being the best CMS for you to learn as a Web Designer, it also makes it the best CMS for hackers to target, because of its widespread use. Once hackers find a vulnerability in a WordPress site, either through a bug in the core files or a popular plugin, they can then leverage that vulnerability to launch attacks on any other site built using WordPress, or, 27% of the internet.
But Why Are They Hacking My Site?
Don’t worry, it’s not personal. Most hack attempts come from computers that have been programmed to target hundreds of sites in a single day, usually with the purpose of turning your site into a drone and then attacking even more sites.
How Can I Protect My Site?
The most basic steps you can take to ensure the security of your WordPress website are:
- Keep WordPress Core Updated
Anytime you are notified that there is an update to the core WordPress files, Update Your Website. Besides offering new functionality and code improvements, these updates often fix any security vulnerabilities that have been found in the core files, preventing your site from being vulnerable to hacks.
- Keep Your WordPress Plugins Updated
Plugin developers often update their plugins the minute any vulnerabilities in their code are reported. Keeping your plugins up to date will prevent your site from being subject to hacks that leverage these vulnerabilities.
- Backup Your Website Regularly
In case you are hacked, it’s much easier to get your site up and running again if you’ve got a recent backup to restore. There are many services that provide regular website backups. ManageWP will back up your site monthly for free. Some premium WordPress web hosts, such as WP Engine offer daily backups as part of your hosting plan.
- Use a WordPress Security Plugin
Wordpress plugins such as Wordfence, offer additional security features including Malware Scanning, Web Application Firewall, IP blocking and 2-Factor Authentication. Some of the features included in Wordfence are described here:
How To Configure the Wordfence Plugin
Follow Make A Weblog’s Tutorial on configuring Wordfence to get up and running.
Overall, the time it takes to install and configure a security plugin and backup service is far less than the time it takes to bring a hacked site back to life manually. Stay ahead of the game and protect your WordPress site from hacks.