Yet another reason why you need to keep WordPress and plugins updated – the FBI reports that ISIL, the terrorist group, is targeting WordPress installations with old plugins or no security features.
WordPress Security – What Can I Do?
- Perform backups. At least monthly – I prefer weekly. Files and database.
- Use a backup service that shows changes to your code. Review every report sent to you. I provide this service, including reviewing the reports, for $10/month or $15/bi-weekly.
- Log into your WordPress site at least weekly and run updates.
- Use secure passwords and usernames. Not just WordPress, but FTP and hosting control panels as well.
- Change those passwords at least quarterly!
- Change the name of your admin folder (I use iThemes Security for this).
- iThemes Security will also lock out brute force attacks (multiple attempts to guess your username/password).
These days, all website security, not just WordPress security relies on constant vigilance, keeping your site updated, checking for unauthorized file changes and secure passwords. Please save yourself time, money and stress by logging into your WordPress installations now and running updates!
WordPress Security Links
One of the best plugins around to enhance WordPress security, is Better WP Security. In this tutorial I'll show you the most interesting features of this great (...)
If you're starting a new WordPress blog, you're probably not thinking about security, isn't it? WordPress security sounds very difficult and maybe you think it's not for you... Well, you're wrong! In this short tutorial you'll learn how you can strengthen the security of your blog so it's much more protected against spam and hackers.
Securing your WordPress blog or site might not be high on your agenda, as you feverishly strive to build your site's content and focus on its design aspects. However we all know that security can literally make or break your blog, and we're here to make your life easier by selecting the best WordPress security plugins for you.
When you clean as many sites as we do every day you start to come up with little tricks that help expedite the process, here is one where you can use FTP to your advantage. This post will cover two features in FileZilla that any novice can quickly employ: For those wondering I'm running FileZilla on MAC OS, version 3.6.0.
Security analysts have detected an ongoing attack that uses a huge number of computers from across the Internet to commandeer servers that run the WordPress blogging application. The unknown people behind the highly distributed attack are using more than 90,000 IP addresses to brute-force crack administrative credentials of vulnerable WordPress systems, researchers from at least three Web hosting services reported.
HOSTGATOR SOLUTION: There is a worldwide, highly-distributed WordPress attack that is ongoing. This attack is known to be using forged or spoofed IP addresses. We are actively blocking the most common attacking IP addresses across our server farm.
A lot has been talked about how the "out of the box" Wordpress search functionalities are... well, not the best. Most wordpress developers know it and that´s why we tend to avoid it installing alternative search plugins. Other developers, as they do not need search functionality , simply do not put the search box or icon anywhere, but...
Protect and defend your WordPress site with iThemes Security, the best WordPress security plugin. Includes brute force protection, renaming of admin folder, backups, blacklisting and more...
A blog covering security issues of all types, with a category specifically for WordPress. You can subscribe by email to get updates about WordPress issues.