Most of the hacker looks for vulnerabilities of plugins and themes aside from WordPress core file because it is easy to penetrate the site. To minimize the risk of attacks, here are our tips on how to harden your site.
- Regular backup. This is a must. Some infections can destroy your site instantly. If your site is hacked, you can easily revert it back from a clean backup.
- Keep your WordPress updated. WordPress actively update its code for security issues. Hackers are constantly looking for security holes to penetrate a site. Updating your WordPress core files regularly will fix this holes.
- Change WordPress Database prefix. WordPress uses default prefix of "wp_" for tables. The bad guys uses SQL injections or automated scripts to access your database.
- Use strong password and username. Attackers use brute force to enter your site. Avoid using common names such as "admin" or "administrator".
- Minimum of 12 characters.
- Must include Numbers, Symbols, Capital Letters, and Lower-Case Letter.
- Not a dictionary word or combined words.
5.Use only well-known plugins and themes. Choose those plugins and themes that update regularly. This will assure you they are fixing the bugs.
6.Use Quttera Web Malware Scanner Plugin for WordPress