I experienced a brute force attack against my site that forced my hosting company to shut down my site and I had Wordfence installed! I spent 2 days learning that without
The better approach would simply be to make sure you have the correct plugins installed and connect to a service like Cloudflare that prevents threats based on how they route traffic.
Why You Should be Worried
Based on statistics and research, WordPress is probably the most attacked platform that exists for web hosting. Plugins and Themes are the major vulnerability areas along with people not keeping their WordPress installation up to date. According to W3Techs, WordPress accounts for over 29% of the websites on the Internet, so it’s a great focal point for hackers.
You can see monthly activity reports around hacking by Wordfence here: https://www.wordfence.com/blog/category/monthly-attack-activity-report/.
Another really good article about
How I Secured My Site
At the time, I quickly upgraded to Wordfence Premium to enable
As of 2019, my current security setup is using
Recommendation to Secure Your Site
- Make sure you
wordpressand all of your plug-ins are up to date. In general, use as few plugins as possible.
- Change Your UserName if it’s Admin. Admin is the most attempted username from hackers.
- Install a WordPress Security Plugin, such as
WebArx, iThemes, BulletProof Securities, Wordfence or Sucuri Scanner. There are free versions of both.
- Connect to Cloudflare. Check inside your Hosting Platform or Cpanel and enable from there. It will automate the connection.
The above steps will prevent
Still not feeling great about the security of your site? WP Beginner has a great article about security with step by step details. http://www.wpbeginner.com/wordpress-security/
Don’t Wait. Do it Now!