First things first, WordPress is great, it’s our CMS of choice for all of our clients, but, because it powers over 40% of the web, it does make it susceptible to hackers. You can however run a perfectly safe WordPress installation by taking a few precautions.
What do these hackers do?
Hackers execute a Distributed Denial of Service Attack (DDoS) attack. A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.
Alternatively, they try to infiltrate your WordPress database or install. Usually by creating a single PHP file which, when executed, creates various other files across the root and sub directories of an installation.
How do I protect my site from WordPress hackers and malware attacks?
- Don’t use defaults.
- Install an anti Malware plugin. We recommend GOTMLS anti-malware, we have used this to recover clients sites in the past and can’t recommend it highly enough.
- Install a security plugin. There’s lots to choose from, we recommend Wordfence, or All in One WP
- Install a backup plugin for the future.
- Speak to your hosting provider about installing additional security at the server level.
- If all the above fails, or looks to hard, then speak to US, we would love to help!