How your WordPress site gets hacked…
There are a lot of advantages to using an open source, module based content management system for your website, but security is not one of them. We live in a time where the complexity of web still overwhelms most and hackers will try to exploit those misunderstandings at any chance they get.
There are quite a few ways your site can be hacked, the most common include:
1. Outdated themes and plugins
2. Outdated WordPress framework
3. Compromised .htaccess files
4. WordPress installations no longer used
5. Username of ADMIN and/or weak password
6. Malware on your local computer
7. Admin username in the author archives
8. Allowable directory browsing which exposes sensitive files such as wp-config.php or php.ini
You may check your site every day and it may look okay to you. But hackers can send all of your search traffic to another website and you won’t even know it!
During some of the most recent WordPress attacks, we discovered that hackers were able to gain access to the author username through a website’s author archives. For this reason, you should also not use your administrative account when composing blog posts.
What you should do instead is, set up a user with editor or author permissions to post blogs from, not you administrative user role.
Or, change your author archives permalink to ensure that your username is not displayed in the browser window or cache.
The Implications of a Hacked Website
1. Wrecked SEO
2. Lost sales
3. Lost customer trust
4. Visitors exposed to malware
5. Your unintentional endorsement of products or services if the hack redirects your visitor to another site
6. Hours of time needed to assess damage and repair your site
7. A backdoor the hacker installs in your theme, plugin or the uploads directory for future access.
And the list goes on. All that being said, you need to be vigilant about WordPress security and that is why we created Wurdey! We have combined the best tools in the industry to keep your WordPress website running fast and secure…
It’s important to understand that any content management system (WordPress, Drupal, Joomla) is ripe to be hacked. And despite many peoples best efforts at locking down their site, the hackers still get in.
For example, recently even Forbes website was hacked, and AWeber experienced a recent DDos(Distributed Denial of Service) attack that disrupted their services.
WordPress runs approximately 20% of all websites so it’s a frequent target for hackers no matter how big or small a company is. Use Wurdey to secure your web presence and hackers will have to find another site to penetrate.