WordPress security and hacking

A word of caution.  We’ve all gotten spam that was probably forwarded from a friend or colleagues email address.  As you may have read in the news, even high profile companies are having their servers hacked.  If you have a website, there is a chance that it may be hacked.  This is especially true on WordPress, since it is such a widely used platform.

Fear not! While there are risks to having a website, with proper precautions, you can minimize any harm to you and visitors to your site.  While we want to make sure that you know of the risks, most of the IFA leaders have WordPress sites and enthusiastically recommend it to others. The point is to take the hacking threat seriously and be vigilant.

According to the WordPress Codex, “Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren’t taken…”

If you get hacked it may take you days or more to repair the damage, so the best strategy it to not get hacked in the first place.  The three things we would recommend to deter hacking and minimize damage to your site are:

  1. Read the Hardening WordPress in the Wordpess Codex and take steps based on this.
  2. Always, always, always update WordPress and any plugins as soon as they are available.  Hackers find exploits in existing code and WordPress and other send updates to patch known exploits. Don’t wait till you are hacked to lock the door.
  3. Back up your site frequently and regularly.  If you are hacked, you can restore your site to a pre hacked state easily.  There are plugins and services that automate this for you.