Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Over the past years, WordPress has become one of the most popular website platforms. And because it is so popular, it has become a target for hackers. WordPress is also an open source platform, which makes it more vulnerable to attacks. But there are ways to protect a WordPress website from the attacks that it faces every day.
Secure WordPress Logins
Your WordPress site login is the only wall between hackers and control of your website. To further secure it, you should use a plugin to block login after a specified number of tries. You can try Limit Login Attempts or search for one you like that is compatible with your website’s WordPress version. You can also use Memphis Custom Login for the SSL feature, or Scan-to-Login with 2-factor authentication.
WordPress author accounts are also very vulnerable because author bios are public. This means that your author’s live articles on the website, and their names, which are probably the same as their website usernames, are easily discoverable. It can be found through a search engine, or by simply typing “?author=1″ (or 2, 3, etc.) to get the author info. Also, author access is a lot easier to hack than an administrator account. Prevent author account hacks by changing author credentials regularly and redirecting the author pages mentioned above to your website’s home page.
Monitor your Website
You should keep a constant eye on your website so you can detect suspicious activity. One pain of using WordPress is that a lot of people try to spam the website. You may be using WordPress because you like the comments feature and encourage your users to interact. But it makes moderation time-consuming and leaves little for important security monitoring. But don’t neglect to check your visitors, especially if you have a visitor login feature. Always check to see who has been trying to log in to your website. Most visitors will not need to, so login attempts is a good sign that you may have a hacker there testing the waters.
IP tracking and blocking plugins are available so you can find and block the IP addresses of these suspicious visitors. Plugins like Wassup Real Time Analytics helps you track visitors, StatPress Visitors gives you their IP addresses, and IP Blacklist Cloud easily blocks IPs you don’t want visiting again. You will want to block proxy servers as well as hackers hide behind these and they can carry dangerous infections.
Better WP Security is an example of a general WordPress security tool that helps cover known vulnerabilities. You can also try third party software, just be careful where you get it. Malware infected websites and programs are another popular way that hackers get access to websites. Website administrators go in search of security tools and end up visiting a hacker site where they are infected with keylogger software, viruses and Trojans designed by hackers.
Fast VPN for WordPress Security
Using a fast VPN is one very good way of protecting your WordPress site. A fast VPN hides your IP address so you can stay anonymous whenever you are logged on through your admin panel. Having your authors use a fast VPN when they are on the website is also a good idea. Your logon cannot be detected because you are using an untraceable IP address from a fast VPN server. Therefore you cannot be targeted for infection with malware or hacking through your IP data. A fast VPN will not cause the inconvenience of connection slow downs. You will be able to access your WordPress admin comfortably, as usual. So all your website users will be encouraged to use this security tool.
A fast VPN most importantly has strong encryption capabilities and routes everything through a secure VPN server. This means that no data from your website activities can be intercepted and used to hack your admin, or modified to be sent back to you to infect your website. Protecting your website from infection is a very important consideration. Once infected, your website will be under the control of the hackers. And most of the newer infections cannot even be detected. You will only find out that you have been hacked when you find that your website has been altered or you lose access to it. You will by this point have a very hard time getting it back. And by the time you do, the damage could be irreparable.