WordPress Security

Top 5 ways to protect your WordPress website from Malware and Viruses!

March 30, 2015

WordPress powers over 25% of the Internet, making it a massive target for hackers. Unfortunately if someone with the know-how wants to break into your WordPress website, they can.  But together let us make their job as difficult as possible!

Update WordPress!

WordPress is “open source”, meaning anyone can view the code and learn how WordPress works. As hackers find vulnerabilities, the WordPress developers are plugging the holes and fixing them. Hackers look for older versions of WordPress with known vulnerabilities, so stay ahead of the game and always update WordPress!

As of WordPress version 3.7, you can now set WordPress to automatically update!

Only use trusted plugins… and update them!

Plugins are the #1 cause of Malware on your WordPress website. Make sure you download plugins from trusted sources only, like WordPress.org and Code Canyon, where they have been checked to make sure they are secure.

Just like with WordPress, all plugins are open source so make sure you update them and plug up those vulnerabilities!

Make sure your password is secure!

Is your password “letmein” or “password1”? Even if it isn’t, change it! Hackers have a list of the most common passwords and can “brute force” their way into your WordPress Admin Panel. Use a variation of letters, numbers and symbols. A great rule-of-thumb: if your password is easy to remember, it’s probably easy to break into!

Insecure server & hosting company

A cheap shared server probably hosts thousands of websites, and they can all be compromised if a single site becomes infected. There are many security measures each hosting company must put in place to protect their servers. Make sure you do your research, read reviews and question the sales staff before signing up with any hosting company.

Backup your website as often as you can

Always back up your website in case anything does happen to your website! Many hosting provide backups at an additional cost, but it’s always best to have your own backups and perform them more frequently.

You can back up your website onsite (on the server itself), or offsite (on another server). I always recommend offsite backups in case your entire server becomes compromised, and this can be done easily (and affordably) using services like Amazon S3.

Security is essential, and having your visitors view your hacked website is unprofessional and hurts your business. If you protect your website by using these 5 methods, you will effectively make the life of any hacker difficult! If you’re website has already been compromised, please email Simplistics or call us at 905-597-6943 and we will help you clean your website right away.