You can’t believe it happened, but it’s true. Your WordPress website has been hacked. And, you didn’t even see it coming.
Imagine that happening to you…
What would you do? Do you even backup WordPress?
If you own a WordPress website, it’s highly likely that your website has been the target of attack by hackers…many times over. And, you’re probably not even aware of it.
Are you asking why a hacker would want to hack your WordPress website? Or, are you thinking that you’d probably know about it if it was really happening? You’re not alone. Lots of people think that, too.
While some hacker attacks are deliberately focused on a given website, most attacks are carried out by countless automated scripts working 24 hours per day. The scripts often are programmed to run through ranges of IP addresses (think of these as street addresses on the Internet). Other than the targeted attacks, your website is just as likely to get attacked as the next one.
And, as far as you being aware of hacking attempts on your WordPress website, it’s highly unlikely you would know unless:
You should know that your site can be compromised without you even knowing it. Everything may look the same, but your site could now be controlled by rogue computers on the web for the purpose of spamming or delivering viruses to the unsuspecting. Maybe, the hacker replaced your AdSense code with his/hers. Lot’s of possibilities exist.
As you read this entire article, you’ll discover:
First of all, I believe that WordPress is a fantastic website platform for a number of reasons. My thanks go out to those that bring us WordPress…for free.
You likely already know that the WordPress team is constantly improving WordPress and fixing security problems. Even so, a standard WordPress installation offers several tempting targets for hackers to exploit, and the WordPress Admin dashboard does not inform you of the hacking assaults against your site on its own.
Most WordPress website owners are surprised to learn that their WP sites have several vulnerabilities and have been under attack since they were first published.
“The first my attorney friend became of aware of any hacking attempts on his business site was when it was taken over by a hacker. And, it was hacked so completely that the hosting company’s tech support could not even rescue the site…a total loss.” ~ Don Roberts
Imagine that happening to you…
One way hackers attempt to gain control of your WordPress website is to simply login on the Admin login screen. The bad guys need two pieces of information to make this happen…a username and a password. Hackers know that many WordPress website owners use the default “Admin” for the username. So, all they need now is the password. And, their automated scripts can keep trying passwords until they find the right one…then, login.
“Always change the ‘Admin’ username to something different, and use a strong password…let your password manager remember them.” ~ Don Roberts
You’ll want to do this right away. It’s easy and it’s free.
Get the “Limit Login Attempts” plugin from the WordPress Codex, and install it. Once you do, you’ll be on your to securing your WP website against the bad guys.
Limit Login Attempts begins working right out of the box. On it’s page in the Admin dashboard, it will begin reporting failed login attempts “by IP address”. It will also begin temporarily locking-out IP addresses for exceeding the number of failed logins you specify (the default is 4 login attempts).
You can even have it email you when a lock-out occurs. The subject line will read “[YOUR URL] Too many failed login attempts”. Ironically, I received one of these emails while writing this paragraph.
Tip – The lock-out notification email identifies the IP address of the locked-out hacker. I entered the IP address into the “IP Deny Manager” in my HostGator cPanel. At that point, the hacker cannot even access the login form through that IP address anymore.
As is obvious by it’s name, this great wordpress security plugin limits the number of times a hacker script can attempt to crack your login.
You’ve got one important WP security vulnerability plugged now. But, you’ll also want to take action on several more vulnerabilities.
Smart WordPress website owners want a complete solution to secure their WordPress websites. The guys at WP Secure Pro have made it easy with their complete system. I bought it and was so impressed with it that I have rolled it out across all of the websites I manage. It’s that good. With WP Secure Pro, you get
The videos are short and to-the-point. The WP Secure Pro system relies on a select group of highly effective – and free – WordPress security plugins that you’ll want to install. You’ll also need FileZilla or a similar FTP client to make quick changes to a few files.
It’s all really easy.
Consider what you would be willing to pay to keep hackers out of your WordPress websites…
In a world of $197 for “this” tool…and $97 for “that” tool, it’s refreshing to know that WP Secure Pro is only $29. But, don’t let the almost give-a-way price for WP Secure Pro lull you into questioning its value. At only $29, you get security for WordPress. It’s a screaming deal!
As you sit here reading this, you begin to realize that your WordPress websites are constantly under attack. When you buy WP Secure Pro, it will be one of the smartest decisions you make to have security in WordPress.
WP Secure Pro just works. Get WP Secure Pro now! It will be like having the house on the block with the burglar alarm on it. The bad guys will just move on to another house without one.
Get WP Secure Pro now! You’ll be glad to have it.
Don Roberts, CLMC
Note: I purchased WP Secure Pro