Seven Simple Steps to Prevent Your WordPress Site Being Hacked
In this article, we will detail seven very simple steps anyone can take to help prevent their WordPress site being hacked.
1. Choose a username other than ‘admin’
Admin is the default username for most WordPress installations, this means it’s a very obvious username for hackers to try and guess the password for.
2. Delete the ‘admin’ account.
If you have an account named ‘admin’ we recommend that you delete it, of course, only after having created a new account for yourself with administrator privileges.
2. Keep WordPress up to date.
WordPress is updated very regularly, and since version 3.7, will automatically update minor versions, such as 3.7.1, for you. The minor versions are those which most often tend to deal with security issues also.
3. Keep your Theme up to date.
Theme developers will often release updates to their products, make sure you’re always keeping your installed themes up to date in case any security problems are patched.
4. Keep your Plugins up to date
Most plugins are very regularly updated, be it for compatibility with new versions of WordPress, or to patch security issues, so it is definitely in your best interests to update them as soon as updates are available.
5. Correctly administer user accounts
WordPress comes with five predefined access levels, ranging from Subscriber to Administrator. Only ever provide users with the access they need at the most, and be sure to remove privileges when they are no longer required by the individual.
6. Change the WordPress Database Prefix
When installing WordPress you are able to change the database prefix. By default it is ‘wp_’ and changing it to something unique and ideally difficult to guess can make it considerably more difficult for hackers to break your site.
7. Use a strong password
Though common sense, many people do not use a strong enough, or unique, password. Ensuring you have a strong, unique password means that it’s harder for someone to gain access to your account, and if they do, the fact that it is unique means they don’t have access to any of your other accounts.
If you’d like to step up your security efforts further, consider one or more of these 5 Powerful WordPress Security Plugins