Several factors can make your WordPress site more vulnerable to successful attacks.
Weak Passwords – Using a weak password is one of the biggest security vulnerabilities you can easily avoid. Your WordPress admin password should be strong, include multiple types of characters, symbols or numbers. In addition, your password should be specific to your WordPress site and not used anywhere else.
Not Updating WordPress, Plugins or Themes – Running outdated versions of WordPress, plugins and themes can leave you open for attacks. Version updates often include patches for security issues in the code, so it’s important to always run the latest version of all software installed on your WordPress website.
Updates will appear in your WordPress dashboard as soon as they’re available. Make a practice of running a backup and then running all available updates every time you login to your WordPress site. While the task of running updates may seem inconvenient or tiresome, it’s an important WordPress security best practice.
Using Plugins and Themes from Untrustworthy Sources – Poorly-written, insecure, or outdated code is one of the most common ways attackers can exploit your WordPress website. Since plugins and themes are potential sources of security vulnerabilities, as a security best practice, only download and install WordPress plugins and themes from reputable sources, such as from the WordPress.org repository, or from premium companies that have been in business for a while. Also, avoid bootleg or torrented “free” versions of premium themes and plugins, as the files may have been altered to contain malware.
Think your website has been infected or is a chance to get infected? It might be time to update your passwords, plugins and themes if you have not done it in a while. It only takes 10 minutes, and could save you hours of pain. Alternatively, you can sign up for our Website Maintenance plan and we’ll do it for you!