A couple months ago, my life was swallowed up by hackers.
I was consumed by the meticulous clean-up of several hacked sites, all built on the WordPress platform and, incidentally, all hosted by GoDaddy. Now, I won’t go into a tirade about GoDaddy because that is a blog post for another day, and today’s post is the first in a series on how to secure your WordPress site or blog.
Before your eyes start to glaze over because you don’t want to deal with this type of thing or because you’re smarter than the rest of us and you think you already have it all under control, I’m telling you, you NEED to read this post. Don’t you want to know you did everything you could to prevent your site from being hacked? Cause take it from me…clean-up sucks.
Know how much time I spent cleaning up those hacked sites for new-to-me clients I mentioned earlier?
8-10 HOURS EACH! Imagine having to shell out that kind of moolah to pay someone like me, who works on an hourly basis, and who knows what they’re doing, to clean up your site after it’s been hacked. It’s much cheaper for you to read this post. But if you’re going to stop reading here, at the very least bookmark this post or put my contact information in your address book because one day you are going to need it!
Secure your WordPress Administrative Login
Your login is as good a place as any to get started. If you’re still using that same old password you’ve been using since 1992 (you know who you are), or if you’re still using the standard ‘admin’ username and ‘password’ password, it’s time to wake up! You couldn’t possibly be more vulnerable.
Change your username and change your password to NON-dictionary words. Don’t use your blog’s name as your login either – it’s too easy for those Internet hackers who apparently have nothing better to do all day but to wreak havoc on us poor, unfortunate, unsuspecting souls.
Your password should be at least 8 characters including uppercase, lowercase, symbols, and numbers. I know, I know. How are you supposed to remember stuff like that? Simple. Get a password manager. I personally love RoboForm Pro and they even have Robo2Go if you bounce around from computer to computer. Or you can use an old-school notebook and write them down! P.S. You can download these programs directly by clicking these links: RoboForm or Robo2Go
A big problem with passwords is many people use the same one for all their five million online access accounts and that is bad (again, you know who you are). If someone hacks your computer and guesses your password, it’s their lucky day! You’ve just given them access to your entire life.
I know it’s hard to keep up with all those passwords for your five million accounts but you have to do this.
Remember, your password NEEDS to be 8-10 characters, contain letters AND numbers, and preferably at least one symbol such as ! & % @ $ or #. Remember to mix upper and lower case letters, too.
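If you'd rather check a login against these rules than eyeball it, here is a small Python sketch. It is an added example, not part of the original post or of WordPress itself; the function name audit_login, the tiny word list and the sample logins are made up for illustration, and a real check would load a full dictionary file.

```python
import re

# Constructed sample word list (assumption); swap in a real dictionary file.
COMMON_WORDS = {"password", "admin", "welcome", "letmein", "monkey", "dragon", "wordpress"}

def _squash(text):
    """Lowercase and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def audit_login(username, password, blog_name, other_passwords=()):
    """Return a list of problems with a login, per the rules in this post."""
    problems = []
    blog = _squash(blog_name)
    if username.lower() == "admin":
        problems.append("username is the default 'admin'")
    if blog and blog in _squash(username):
        problems.append("username contains the blog name")
    if len(password) < 8:
        problems.append("password is shorter than 8 characters")
    if not re.search(r"[a-z]", password):
        problems.append("password has no lowercase letter")
    if not re.search(r"[A-Z]", password):
        problems.append("password has no uppercase letter")
    if not re.search(r"[0-9]", password):
        problems.append("password has no number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("password has no symbol")
    # Strip digits and symbols so "Password1!" is still caught as "password".
    letters = re.sub(r"[^a-z]", "", password.lower())
    if any(word in letters for word in COMMON_WORDS):
        problems.append("password is built on a dictionary word")
    if blog and blog in _squash(password):
        problems.append("password contains the blog name")
    if password in other_passwords:
        problems.append("password is reused on another account")
    return problems

if __name__ == "__main__":
    # Constructed sample logins for a blog called "My Blog".
    samples = [("admin", "password"), ("kestrel_ed", "Password1!"),
               ("kestrel_ed", "MyBlog2024!"), ("kestrel_ed", "v7#Tq!m2Rz&x")]
    for user, pw in samples:
        found = audit_login(user, pw, "My Blog")
        print(user, pw, "->", found or "OK")
```

Notice that "Password1!" ticks every length and character box and still fails, because it is just a dictionary word with decorations.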
Check back next Tuesday and I’ll share my favorite WordPress Plugins to help keep your site as secure as possible. In the meantime, go change your login information. Please!