Ocreative has been creating websites since we were founded in 2003 and has been using WordPress for website publishing since 2013. WordPress has become by far the most popular website publishing platform on the Internet. Because of its popularity, WordPress has become a target for hacking attempts along with many other websites and platforms. Some sites might see hundreds of attempted attacks in a single night. Rest assured, these can easily be thwarted with proper website security measures!
One of the major questions we are asked about hacking is “why would a hacker want to get into my website?” It really isn’t about obtaining your personal information, nor is it about destroying your website. The hacker is after the server on which the website is hosted. In our experience, the number one reason hackers break into a website is to send spam e-mails from the server. Once hackers break into a website, they are able to send out mass spam e-mail messages of the type we are all used to deleting from our inboxes. Not only does this hog the resources of our Web servers, it can actually blacklist servers because of the spam messages. This means personal e-mails from the server start going into the junk e-mail folder when they are received or may even be filtered out altogether.
This makes WordPress security a top priority in our company. We want to keep your website safe and our servers secure. Ocreative uses tools to enhance WordPress security, but it is also up to WordPress users to keep their websites safe by using strong passwords, avoiding sharing passwords or user accounts, and updating WordPress on a regular basis.
Secure Passwords
Always make sure that your password consists of at least one capital letter, one number, and preferably a special symbol such as # or %. It is also important to refrain from using complete words or personal information such as a date of birth or anniversary date. Hackers are savvy and will try to look up personal information about you that they can gather from your website. As a result of the vast amount of personal information across the Internet from sources such as Facebook, Instagram, LinkedIn, and Twitter, it is very easy for hackers to break passwords that are based on personal information.
Your password should not look like this: froggy123
It should look like this: F45gh#!aad
It may look hard to remember, but after you get used to using secure passwords, you will memorize it just like any other password.
Secure Usernames
Hiding your username from hackers is vital in preventing unauthorized access. In WordPress, the administrator username “admin” is automatically generated by default. A simple, but effective, practice is to change this default username to something more secure, such as “yourcompany_login.” Many times hackers will attempt to gain access using the default “admin” username. Changing this username will automatically circumvent a significant number of hacking attempts.
Not Sharing Information
Refrain from sharing your user account information or passwords, especially through e-mail, text, or instant messenger. These forms of communication are not considered secure, and the data you send through them may be stolen and used against you. You also should not write down passwords on paper or keep them in a document on your computer. Although these may be less likely to be stolen, the password is vulnerable to someone walking by your desk or to a hacker who accesses your personal computer through malware or viruses.
Keeping WordPress Up-to-Date
Ocreative currently uses a WordPress hosting program to keep each of our websites up-to-date. This includes updating WordPress core files, themes, and plugins used on your website. Unfortunately, security holes are found on a regular basis in the themes and plugins used on WordPress websites. Developers are always on the move by keeping software that we use secure. This means that the software used on your website may be updated with a new version that patches a security hole existing in an outdated version of that software. If you fail to update this software, the security hole is just sitting out there, waiting for someone to come by and notice it. Hackers love to share information, so once a security hole has been found, it may become common knowledge very quickly. It is important to keep WordPress constantly updated to avoid any security holes.
WordPress security is a constant work in progress, but together with Ocreative security practices and strong user practices, we can make sure your website is never vulnerable to hacking or intrusion. Contact us for details.
About Ocreative
Ocreative is an international award-winning, integrated marketing agency whose work features some of the best forward-thinking organizations and business-to-business companies. Since the integrated marketing agency began in 2003, they have carved out a specialization for themselves with business-to-business companies, nonprofits, and professional service companies. Their portfolio expertly includes marketing and strategy, design, web and digital, and multimedia.