Over 23% of all websites worldwide based on WordPress platform. In absolute figures, their number is constantly growing. Cybercriminals therefore not stand indifferent to such figures and do everything in their power to gain access to a huge amount of valuable data and information.
Many owners / WordPress site managers believe that, but "not bad" will find them all in fact we know very well that this is not true. Investigations also reveal that the cost for the "restoration of a fault" is clearly higher than that of prevention. The "shield" of a website will prevent cybercriminals to hijack and will save you the additional problems that will be faced immediately after an attack of a hacker.
Your cybersecurity.gr lists 10 simple tips to protect your WordPress site - some of which will not cost you anything!
1. Use Webmaster Tools to your site
So you can get access to important data, where you can find some "suspicious" change in traffic or queries for example. By Google, for example, the Webmaster of has a plethora of tools that focus on security issues.
2. Updates and ... even more updates
Within the WordPress environment, there are three elements that constantly need updating. In the same WordPress, the plugin and topics (themes).
Updates WordPress Updates: Whether manually or automatically, the WordPress updates correct several issues that constantly arise and are related to the safety of the platform. More about updates can be found here .
Updates Plugin: On the "Plugins" tab you can easily see which ones need updating. The option for automatic updating is also available in this case.
By adding the following code to wp-config.php site file, you will achieve automatic updating Plugin:
Topics Updates: Violation of site can be through the issues. The developers usually correct the problems mentioned them, so make them available to managers and the necessary updates.
By adding the following code to wp-config.php file site will get automatically updated threads:
3. Do not trust everyone
There are currently almost 40,000 plugins that you can install on your site, created by third parties. Be sure to "good intention" of their creators? The most numerous attacks on WordPress websites occur because hidden vulnerabilities in plugins and themes. And of course you should not assume that a purchased plugin or theme will be safer than a free. In both cases, it is crucial to timely installation of the update of a vulnerability discovered.
Before installing a plugin on your site, consider the following:
- The plugin installation will contribute to the functionality of the website or optimize the user experience? If not, then do not install it!
- It has recently updated the plugin? Check the changelog (list of changes and the dates they occurred). If not updated recently, better to avoid it.
- If this is a premium plugin, offer the creators of support? What is the rating of other users? Prefer plugin that their developers and the support they have received good reviews.
- Is there a plugin that combines and integrates features from some other plugin «all in one"? Better to book it, despite the many installation plugin.
- If the source of your free plugin is completely unknown, then do not install it!
4. Perform regular scans on the website
There are numerous tools that you can use to scan your site for any malware, code or other additional information that may have been introduced to him.
Features mentioned the plugin: Wordfence, Sucuri Site Check and Code Guard. Many popular plugin offer a free version that you can download and use.
Thanks to these tools - scanners will be able to locate files that may have been modified without your permission. There is also the possibility of continuous scanning in the background, and display alerts each time found something "suspicious".
Aucun commentaire:
Enregistrer un commentaire