July 9, 2013

keysInternet marketers love using WordPress web sites. There are a huge number of themes already designed to allow you to sell your goods and services or monetise your blog from ads or sponsorships. You can customise and update your site without needing to know any programming whatsoever. You can easily find plug-ins to perform any function you desire, from including a customer forum to integrating with a shopping cart. However, the flip side of this popularity and common underlying structure means that the sites are vulnerable to hackers in a way that individually developed sites are not. The following tips will make your site more difficult to hack, so hackers are more likely to look elsewhere.

Tip #1: Rename the admin account

In order to hack a site, hackers need to know both a userid and a password. If they can guess the userid, they can use brute force to find the password. The obvious guess for a userid is “admin”, the default userid that comes with a WordPress installation. To fix this, from your dashboard, select Users and add a new administrative user. Log off, log back in as the new user, and delete the admin userid. If you like having your posts labelled as from admin, you can change the display name of your new userid to admin.

Tip #2: Use a difficult password

As mentioned under the previous tip, the userid is only half of the information needed by hackers. The other half is the password. If you use a simple password, such as 1234567, or a word that can be found in the dictionary, their automated programs can easily discover it. Similarly, the password should not be anything that someone can guess based on your social media posts. For example, if you talk about your dog a lot, don’t use your dog’s name as your password.

Tip #3: Limit logon attempts

One of the best ways to prevent someone from guessing your password using the brute force method is to limit the number of logon attempts before the account is locked. The plugin to accomplish this is called Limit Login Attempts. To install it, from your dashboard, select Plugins, and search for Limit Login Attempts. Click on Install, and once it has been installed, click on Activate.

Tip #4: Don’t advertise that it is a WordPress site

Get rid of the “Powered by WordPress” usually found in the footer of the site, as well as the Meta links to log on to the site. This will remove the visual signals that the site can be hacked as a WordPress site, preventing casual hacking, although the underlying WordPress structure will still show up if hackers are crawling your site with robots.

Tip #5: Stay current

All of your plugins as well as the theme you use and the WordPress software itself are frequently updated when security violations become known. WordPress notifies you of updates automatically every time you log in, which can be installed with a single click. Remember to back up your files prior to updating.





Sean McPheat

Managing Director

The Internet Marketing Academy



(Image: Morguefile)

Leave a Reply

Your email address will not be published. Required fields are marked *


Follow the IMA

Receive Blog Updates

Enter your email to get more internet marketing tips

Recent Blog Posts

The Qualities All Creative People Share

The Qualities All Creative People Share

Whether you asp ...
3 Mistakes All Start-Ups Should Avoid

3 Mistakes All Start-Ups Should Avoid

If you have inv ...
How To Improve Your Online Reputation

How To Improve Your Online Reputation

An online reput ...
Are Broken Links Holding You Back On Google?
Struggling To Stump Up Blog Content? Try This…



Please enter your details below &
what you're looking for and we will get
back to you with a quote




Your message:


Home | Training | Courses | Contact Us| XML Site Map | Blog RSS Feed | Feed

Internet Marketing Academy
Head Office:
GHL House
12 - 14 Albion Place
ME14 5DZ

Telephone: 0800 000 0000
Email: info@internetmarketingacademy.com

Terms & Conditions  |   Cookie Policy

Follow Us Online