Site Security

Site Security

Aside from violent criminals, there isn’t any group of individuals more worthy of your despise than computer hackers.

Governments and businesses spend $1 trillion a year for global cyber security. According to a newly-released report sponsored by McAfee, global cyber crime is costing up to $500 billion each year, which is a heck of a lot of money and a drain on the global economy that matches drug trafficking.

In the US alone, as many as 500,000 jobs are lost each year from costs associated with hackers and hacking.

So what can you and your little WordPress site do to protect yourself from being hacked?

There are reputable companies like who will monitor your site 24 hours for suspicious activity, but there is a fee — definitely worth it if you have the budget, but for some small businesses that extra little bit a month is a luxury they can’t afford.

So for free, here are a few very simple steps to take that will help keep your site safe.

1. Everybody’s number one rule — choose a real password. You may think choosing your grandma’s last name is great because no one knows it, but that’s not how it works. The hackers are using sophisticated techniques to crack passwords and of course start with “real” words, names etc. Choosing a password that is NOT a word and has a combination of symbols and numbers is your best bet.

2. Don’t use “admin” as your user account name. Change it immediately and make it unique but memorable. WordPress will let you choose an alias that shows on the site so even if you use something that doesn’t sound human to sign in, your public will see the name that you choose for them to see.

3. Download limit login attempts plugin immediately. Before you do make sure you have written your admin and password down and stored them in a safe place, but what the limit login does is lock a user out for repeatedly choosing the wrong login information. It seems so simple but it’s an effective tool. I get the email alerts all the time that an ip address from China or Russia or even Bakersfield has been locked out of my site for repeated incorrect attempts.

4. Download a security plugin — it’s free and even if you just keep the default settings it will go a long way in keeping your site safe.

So, there are many, many more actions you can take that will protect your site, but from my experience working with small business, if it isn’t easy, they may not do it (which is human nature), but these four tips alone are easy and will make a huge difference in your site’s security.