Content Marketing Marketing tips Newsworthy

How to Protect Your WordPress Site from Hackers

If you don’t already own a website or use WordPress, I’m sure you know someone who does. Increasingly popular, WordPress is one of the largest content management and blogging systems today.

Although WordPress does a world of good, because of its constant growth in popularity, it’s also increasingly prone to attacks from hackers. Two of the most common attacks on WordPress sites are brute force attacks and URL injections.

I know you’re probably thinking, “I don’t do much with my WordPress site, so it should never be hacked.” However, because of its popularity, if a simple WordPress site can be hacked, sites used for revenue and big-name companies such as the NFL, TED, and CNN can be accessed more easily once hackers determine which hacking techniques work for different WordPress versions.

However, you can take a few simple steps to help protect your WordPress website from hackers.

Don’t Make It Easy: Set Strong Usernames and Passwords

How many of us secure our cell phones with four (or six) digits that any of our friends or relatives could easily figure out? After the third or fourth time that your privacy has been invaded, you’re likely to change your security code to something tougher to crack.

The same goes for your WordPress website. Don’t make it easy for hackers to get in with an easy digit combination or username.

Strong passwords should be anywhere from eight to 15 characters and should include symbols, digits, and a variety of capital and lowercase letters. Avoid simple passwords such as admin1234. Instead, go for passwords that are hard to crack. And if you want to get technical, use an online password generator.

You also should consider limiting the number of login attempts, which can help with avoiding common brute force attacks by hackers.

Use Familiar Plugins

Using familiar plugins is a must when hosting your own website (or someone else’s). WordPress has a variety of secure, safe plugins available when you sign up for an account; some of them are even free. Make sure that you take advantage of these plugins or other trusted plugins by providers, such as YOAST. Knowing where your plugins come from and updating them frequently will avert security breaches by hackers who hand out plugins with malicious malware.

Stay Up-to-Date with Updates

Another way to avoid a hacked WordPress site is to stay up-to-date with updates. WordPress is constantly rolling out a new version of their CMS, sometimes more than twice a month. In November 2015 alone, WordPress updated twice within two weeks.

Although that’s a lot to keep up with, the different versions offer different security settings as well as plugins to better the user experience or work out some kinks in the last update.

Not only should you stay up-to-date with updating WordPress, you also should stay up-to-date with any plugins or add-ons you use frequently. If you find that you aren’t using a certain plugin or add-on as much as you thought, or at all, get rid of it.

Updating passwords and usernames is also a good way avoid from hacking attempts.

Backing Up Your Website

Backing up your website is a good way to preserve all of the hard work, time, and valuable information on your site. If you do ever find that hackers have compromised your site, the latest version of your website should still be available if you took the time to back it up.

Now that you have an idea of a few simple ways to keep your WordPress website secure from hackers, start optimizing your site for a better user experience and to improve your website’s organic visibility with a killer SEO strategy.

Download our FREE SEO checklist here and learn about a few ways to start integrating your WordPress blog content or website into a stellar SEO campaign.

Happy optimizing,


—Keisha James is an SEO Content Strategists at Stream Companies, a full-service Philadelphia-area advertising agency.{{cta(‘b86debdb-a1cb-412f-8ca2-530f36f66bd3’)}}