I have been reading some posts and notes regarding the attempts that Internet Bad Guys have been very busy lately. The thing is this, the Bad Guys want to break into your Web site to do nefarious stuff. There’s any number of reasons why they try to do this. Sometimes they want to use your site to send huge masses of spam. Other times they want to distribute malware. Whatever the reason, these people want to get in there and cause lots of trouble.
WordPress sites are a logical target. Of course, WordPress sites are not the only types of sites that get hacked. But, because WordPress is the most popular content management system, it stands to reason that the hackers would want to break into sites that use it.
There is nothing inherently wrong with WordPress. It is just a very good target. Because there are certain commonalities between most WordPress sites, such as the standard example.com/wp-admin login page, it easy to find a starting point of an attack. Combine that with the typically poor passwords that many site builders use, well, heck, you can see a boatload of problems.
A good solution toward stopping the Bad Guys is to use a high-quality security plugin. I am not going to mention the one I use. In fact, I am going to be very cagey and not tell you all the steps that I use for protection. I don’t want to give away the secrets. Anyway, my plugin is thoroughly comprehensive. It guides me as I tighten up my site’s defenses. I can even set up blacklists of various kinds and a lot more.
One feature that I like is that it records the IPs of the computers that try to break into my site. It is very interesting to see who is trying to get in.
My advise has three elements. Here they are:
- Use really good hard-to-crack usernames and passwords.
- Do not use the standard example.com/wp-admin login URL.
- Install and set up the best security plugin available.
Keep the Bad Guys out!
PS- Here’s a good site for WordPress security tips – https://www.wpbeginner.com/beginners-guide/reasons-why-wordpress-site-gets-hacked/