Video – Introduction to WordPress Security
The WordPress Security Learning Center
Video – Introduction to WordPress Security

3.0: Video – Introduction to WordPress Security

Basics
Updated September 30, 2024

Video Transcript

WordPress is by far the most popular platform for building websites, powering 34% of them worldwide. But popularity comes with a downside. Hackers like to target WordPress because it allows them to infect a huge number of websites at the same time by using automated attacks.

Most attacks on WordPress sites are conducted by bots, programs written by a hacker to perform attacks for them. In many cases, large groups of bots, or botnets, attack thousands of sites simultaneously. Hackers sometimes target high-value sites manually, allowing them to make more devious decisions about how to attack and avoid detection.

Hackers attack websites for a number of reasons:

  • To use the server to send spam
  • To host malicious content
  • To steal your website data
  • To spamvertise
  • Or to use your server to attack other web sites
  • All of these activities can have a negative impact on your business and reputation

It is important for you to follow these best practices to keep your site secure:

  • Use strong passwords
  • Choose a reputable hosting provider
  • Keep WordPress, your themes and plugins up to date
  • Use an intrusion detection and protection service like Wordfence, as an additional layer of security
  • Remove all old and unmaintained web applications from your web server
  • Ensure that there are no sensitive temporary files lying around on your web server
  • And if you use a source code repository, make sure that the configuration files are not visible on your website

Did you enjoy this post? Share it!

The WordPress Security Learning Center

From WordPress security fundamentals to expert developer resources, this learning center is meant for every skill level. Get serious about WordPress Security, start right here.