Call 888-979-9701

Most common Security Problems with WordPress and how to fix them

We will review and secure your site, then have 1-on-1 call to explain what was done.

Problem #1

People running out-of-date themes and plugins. There are literally millions of hacks waiting to happen and the bad guys can get step by step instructions on how to hack your site.
Answer: Update your site bi-weekly or when an exploit that effects plugins you are using is released.

Problem #2

Sadly enough most WordPress installs have the same old “admin” user that came with it by default. Even sadder the top 5 passwords for 2015 were

123456
password
12345678
qwerty
12345

If this sounds familiar remember the vast majority of people also recycle the same passwords between accounts so its a big issue.
http://gizmodo.com/the-25-most-popular-passwords-of-2015-were-all-such-id-1753591514
Answer: Please use a password manager that creates and autofills and change them on a semi consistent basis.

Problem #3

Improperly configured server/hosting.
Insecure permissions especially on image directories.
Improperly set index options opens up file listings and indexing of directories https://wiki.apache.org/httpd/DirectoryListings (lookup google hack)
Answer: Set your files to 664, directories to 755, htaccess to 400.
Here is an htaccess I use for my WordPress sites that might help some.
https://gist.github.com/bhowe/3a89332f596b8ddd5fe5

Problem #4

Don’t have backups.
Answer: Keep backups for 60 days there are a plethora of plugins and services out there. Suggest some in the comments.

Problem #5

Don’t have anyone monitoring or watch the site on a regular basis.
Answer: Install Word fence (A personal favorite) . Configure it to scan your site, and to compare your WordPress core files and plugins again the repository.
How to Configure the Wordfence Security Plugin for WordPress
Wordfence security plugin is a Complete Anti-Virus and Firewall Package for your WordPress install. It not only…
makeaweblog.com

Problem #6

Insecure theme or custom coding.
Answer: Get a professional to do an audit.

  • What is Hardenedwp

    Hardened Wordpress specializes in securing Wordpress websites from malicious attacks. Our proprietary systems secure your site and prevents hackers from damaging your online reputation with a comprehensive approach that includes automated malware scans, automated repairs and backups.