Most of the hacker looks for vulnerabilities of plugins and themes aside from WordPress core file because it is easy to penetrate the site. To minimize the risk of attacks, here are our tips on how to harden your site.
- Regular backup. This is a must. Some infections can destroy your site instantly. If your site is hacked, you can easily revert it back from a clean backup.
- Keep your WordPress updated. WordPress actively update its code for security issues. Hackers are constantly looking for security holes to penetrate a site. Updating your WordPress core files regularly will fix this holes.
- Change WordPress Database prefix. WordPress uses default prefix of "wp_" for tables. The bad guys uses SQL injections or automated scripts to access your database.
- Use strong password and username. Attackers use brute force to enter your site. Avoid using common names such as "admin" or "administrator".
Password advice:
- Minimum of 12 characters.
- Must include Numbers, Symbols, Capital Letters, and Lower-Case Letter.
- Not a dictionary word or combined words.
5.Use only well-known plugins and themes. Choose those plugins and themes that update regularly. This will assure you they are fixing the bugs.
6.Use
Quttera Web Malware Scanner Plugin for WordPress to regularly scan your site. This plugin will scan your website for malware, trojans, backdoors, worms, viruses, shells, spyware and other threats as well as JavaScript code obfuscation, exploits, malicious iframes, malicious code injection, malicious code obfuscation, auto-generated malicious content, redirects, hidden eval code and more. You should use both External and Internal scan options to get comprehensive results.