Big Internet sites are often being attacked by hackers. It isn’t good for business to be perceived as vulnerable to these attacks, so we rarely hear about the attempts. We only hear about a site getting hacked if the targeted company chooses to acknowledge their security measures failed to keep their data safe.
Sometimes the attack is designed to steal information. Customer information like names and email addresses are worth quite a bit of money to many marketing firms. Determining whether that information was gathered by legitimate means is impossible when it is purchased from a third party. Other attacks are designed to make a site crash. This type of attack is called a denial of service or DoS attack. The hackers make the site or server crash by sending so many requests for information, trackbacks and comments that the server or site gets overloaded.
Many people assume that these kinds of things only happen to big companies like Facebook and Ebay. The fact is, they happen to all kinds of companies and sites. Even blogs are victims of these kinds of attacks. Sometimes a specific blog may be targeted, but it is often the company hosting the sites that is being attacked.
If your blog or site is hosted on WordPress, it is a good idea to think about how safe and secure it is. Consider what would happen if your blog fell victim to one of these attacks. If you are using WordPress to help market and brand your business, this could have significant impact on your customers and your image. Even if you are just maintaining a blog for personal reasons, it can effect your followers and be a significant inconvenience. WordPress provides a surprising number of tools that can help make your blog more secure.
WordPress Database Backup
If you aren’t in the habit of backing up your work, you will eventually suffer a major catastrophe. The WordPress Database Backup plugin offers backups in the moment and on a schedule. When you schedule your backup you have the option of choosing which databases to backup and where. You can back them up to your server or via email. The plugin installs quickly and with almost no effort on your part. The option to backup appears in the WordPress control panel.
You can get the WordPress Database Backup plugin here.
Login Lockdown
Keeping your information secure means keeping unauthorized people out of your WordPress control panel. Hackers will often attempt to break the password on the control panel of a site in order to gain access to information. Login Lockdown makes this tactic much more difficult. If there are too many login attempts from an IP address, that IP address is automatically denied access. By default, 3 failed login attempts in a 5 minute period will trigger a 1 hour lockdown. These settings can be adjusted from the WordPress control panel.
You can get the Login Lockdown plugin here.
Anitvirus WordPress
Because WordPress hosts such a large number of sites, there are programers who design worms, malware, trojans and other malicious programs to specifically attack WordPress hosted sites. Antivirus WordPress continually monitors your blog for such attacks and contains them. It can be programed to do a thorough scan daily and will send you an email automatically when it finds suspicious files.
You can get Antivirus WordPress here.
WP Security Scan
Vulnerabilities can easily crop up during the installation of plugins or updates. Making changes to the layout or modifying some functionality can also reveal or create new ways for hackers to get into the admin side of your site. WP Security Scan looks for these vulnerabilities and provides suggestions on how to fix them.
You can get WP Security Scan here.
All of these tools will help make your site more secure. Having these tools is not enough, however, you need to use them. It is important to be smart about how you manage your site as well. Here are a couple common practices you should employ.
Strong Password
Many studies have found that the most common passwords are either words found in the dictionary or a string of numbers that are easy to guess. Passwords like “2468” or “rosebud” are not going to keep a hacker out of your control panel. There are a number of password generators available like Strong Password Generator and Random Password Generator. If you prefer to make up a password yourself, use one that is a combination of letters, special characters and numbers.
Stay Updated
Keep your WordPress installation and the plugins you use updated. WordPress is very active in identifying potential vulnerabilities and fixing them with their updates. So, make sure you are benefiting from their hard work.