This map shows live hacking attempts on WordPress sites from around the world. WordPress powers one in six websites on the web today. Even more amazing is that all the power of WordPress itself is provided for free!
The image of website hackers as nerdy teens is an outdated image. Today’s hacker not only may belong to an organization or network but may also have purchased well-designed hacking software that is bundled with actual customer support. One of the more popular hacking techniques is a brute force program that guesses passwords, millions per second, based upon the dictionary. For this reason any passwords that are made up of actual words or searchable terms are weak choices and should be updated. When you create a WordPress password be sure to use random and unique passwords. If any of your current passwords are weak upgrade them immediately.
Take a look at some of these true random passwords generated by Random.org. This will give you an idea of how unfamiliar a password should look. If you Google for information on how to create a password you will find outdated information that suggests phrases, names, numbers such as 2013. One of my best techniques is to select a phrase … I like to swim in the ocean.. and then edit it to something like… iL2SiT*O. Random, long, characters these are the guidelines that produce hard-to-break and hopefully not too hard-to-remember passwords.
Prevention of hacking is really important. WordPress is very susceptible to hacking attempts due to the open source nature of the code. Since it’s easy for you to upload new versions of software for your site it’s also a possible vulnerability point for hacker access. Squarespace and other platform builders will take care of all software issues on their end. WordPress Security,
WordPress – How to Protect your Site
Our first line of defense against hacking involves setting up WordPress blogs with appropriate user roles and some technical edits to files and databases. Site owners who are not using our editing and monitoring service are encouraged to make sure they are backing up databases and have added appropriate security plugins. We suggest a collection of plugins for these purposes.
Using the WordFence plugin to block traffic by country can be a great time-saver. I also recommend using WPEngine for hosting due to their robust backup service. If hackers get into your site then just restoring a previous backup is a lifesaver. As a coder, it’s a lot of fun to travel through a site thwarting a hacker. As the owner of an e-commerce, it’s a whole other matter to lose data, customers, information, and up-time. I prefer to prevent all hacking rather than recover from the event! Some attacks are insidious, leaving crumbs of code to regenerate hidden deep in your sites SQL database.