I recently received a frantic email from a friend stating that his WordPress blog had been hacked. I looked at the site, and sure enough it was full of rather unsavory content, the sort of which you’ll find in the darkest corners of your Spam folder. I was able to remove all the unwanted content and several dozen fake user accounts rather quickly, but not after some damage to his blog’s reputation.
His story is quite common. He had set up a WordPress site about 18 months ago with the intention of blogging frequently. Like many of us, he became sidetracked with several other projects and more or less forgot about his site. Over time some of the plugins had known exploitable vulnerabilities, and hackers were able to take advantage of them and inject the site with malware. If he had stayed on top of his site’s maintenance, the hack could have been avoided.
What is the best way to avoid WordPress hacks?
In a word, diligence. The hacker community is a very active one to say the least, and new exploits are being discovered constantly. To begin, you must practice solid security fundamentals such as strong passwords, non-standard admin usernames, a good hosting plan, etc. However, simply setting up some enhanced security and walking away is not enough. To keep up to date with the ever-evolving hackersphere, you must constantly check the status of your WordPress core, monitor installed plugins for vulnerabilities, read security blogs, check Google Webmaster Tools and other third party resources that monitor site health, and so on. Only then can you be confident that your site will stay one step ahead of attackers.
If that sounds like a lot of work and not much fun (after all, you just want to occasionally write blog posts, not spend hours each month tracking potential plugin vulnerabilities), we can help. We regularly work in areas such as insurance website design where security is an incredibly high priority, and it has given us a lot of experience in keeping websites safe and secure.
Ease your mind with our WordPress Maintenance Plan
Focus on what you love while we do all the dirty work. Our WordPress Maintenance Plan will keep an eye on your site, even while you are on a blogging vacation. We’ll keep everything up to date and operational, and will implement best security practices to keep the hackers at bay. In addition to security, we’ll also find ways to boost site performance to give your site a boost in satisfied customers.
If you have a WordPress site that you don’t have the time to properly maintain, just send us a note and we’ll give you a hand.