Protect Your WordPress from Hackers and Bots

Lately there have been massive brute force attacks targeting specifically WordPress websites. It’s definitely more important than ever to make sure you have all your security measures in place. Go through this checklist to protect your WordPress website from hackers and bots.

lockouts

Create a unique username

Most attacks target the fact that the default WordPress username is “admin” – so it’s about time you changed that. Learn how to change your username and make sure to delete unnecessary users as well.

Create a super strong password

This is a super important aspect… don’t make it easy to guess your password. Think variety – letters, numbers, symbols, lowercase, uppercase – and a fair amount of characters, so it’s not so short. Often bots will use related words and terms to your website to try and “guess” your password, trying all combinations.

Keep WordPress updated

I can’t stress the importance of keeping your WordPress, plugins and themes updated! When an update is released it’s usually to fix something. So to prevent hackers from exploiting on the old version that has a bug, you should definitely update. There’s no reason not to – go with the future of technology! Update!

Use security plugins

There are variety of WordPress plugins to choose from that help with security. I make sure to have at least Limit Login Attempts activated. It basically blocks bots from trying to log into your WordPress admin through brute force… guessing the username and password. Even if you accidentally forget your password or mistype, you wouldn’t do it more than 3 times… so it’s a good way to block out suspicious login attempts.

Consider using Cloudflare

CloudFlare is a service that protects and accelerates any website online. It can help to prevent bots from overwhelming your website and making it go down just from sheer volume and bombardment of requests. My hosting company, Bluehost actually offers it in their control panel. It’s something to consider for extra protection at the hosting level.

Hopefully these security measures combined will keep the bad guys away from our websites. It’s worked for me thus far! Be prepared and be secure in your business.