This site uses cookies in accordance with our Privacy Policy.
3.0: Video – Introduction to WordPress Security
Video Transcript
WordPress is by far the most popular platform for building websites, powering 34% of them worldwide. But popularity comes with a downside. Hackers like to target WordPress because it allows them to infect a huge number of websites at the same time by using automated attacks.
Most attacks on WordPress sites are conducted by bots, programs written by a hacker to perform attacks for them. In many cases, large groups of bots, or botnets, attack thousands of sites simultaneously. Hackers sometimes target high-value sites manually, allowing them to make more devious decisions about how to attack and avoid detection.
Hackers attack websites for a number of reasons:
- To use the server to send spam
- To host malicious content
- To steal your website data
- To spamvertise
- Or to use your server to attack other web sites
- All of these activities can have a negative impact on your business and reputation
It is important for you to follow these best practices to keep your site secure:
- Use strong passwords
- Choose a reputable hosting provider
- Keep WordPress, your themes and plugins up to date
- Use an intrusion detection and protection service like Wordfence, as an additional layer of security
- Remove all old and unmaintained web applications from your web server
- Ensure that there are no sensitive temporary files lying around on your web server
- And if you use a source code repository, make sure that the configuration files are not visible on your website