1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to protect Wordpress from hacking?

Discussion in 'Content Management' started by Mr.Dog, Dec 1, 2018.

  1. #1
    Hi,

    I'm pretty much a beginner with Wordpress, but I've been coding sites for years.
    Once I made a small Wordpress site and it was hacked in a matter of days, content completely eliminated. Now I want to prevent this from happening.

    What can I do?

    What I first did when installing Wordpress was to changed the "wp" folder into some strange name. As I know, hackers often go for the "wp" name.

    What others tips could you give me?
    SEMrush
     
    Mr.Dog, Dec 1, 2018 IP
    SEMrush
  2. CenTex Hosting

    CenTex Hosting Member

    Messages:
    60
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    33
    #2
    Here are a few tips.

    1. don't use a nulled theme
    2. use plugins from companies that have been around for some time
    3. keep Wordpress updated as well as the plugins
    4. Change the user name to something different than admin and use a more secure password
    5. use a program like word fence to help block attempt into logging into your site.

    Hope this helps.
     
    CenTex Hosting, Dec 1, 2018 IP
    Karen May Jones and Mr.Dog like this.
  3. mmerlinn

    mmerlinn Notable Member

    Messages:
    1,852
    Likes Received:
    213
    Best Answers:
    5
    Trophy Points:
    240
    #3
    No matter what you do, Turdpress CANNOT be made hack-proof. Too damn much UNTESTED bloated code involved for anyone to plug every hole.

    Since you have been coding sites for years, why are you migrating to something like Turdpress? Why not keep coding yourself where YOU have COMPLETE control over security?
     
    mmerlinn, Dec 1, 2018 IP
  4. Mr.Dog

    Mr.Dog Active Member

    Messages:
    898
    Likes Received:
    13
    Best Answers:
    0
    Trophy Points:
    60
    #4
    I am moving to Wordpress to make things easier: post content faster, easier.

    I know about some limitations and disadvantages, but I just have to keep up with the trends. I also want to learn to master Wordpress.
     
    Mr.Dog, Dec 2, 2018 IP
  5. mmerlinn

    mmerlinn Notable Member

    Messages:
    1,852
    Likes Received:
    213
    Best Answers:
    5
    Trophy Points:
    240
    #5
    Good luck. You will need it.

    I tried several different site "designers" years ago and finally got so frustrated with them that I went the opposite direction you are going, and have never regretted it. I wrote my own program to build and maintain my website. When I don't like something, or need to add a feature, I simply modify my program. My program will not do what Turdpress does and Turdpress cannot do what I need done.

    I typically add/modify 200 pages PER DAY for my website, something that NO off the shelf CMS can nor will ever do. Before I wrote my own program, I seldom could maintain even 5 pages per day. Now I can do 40 times as much in the same time.

    Basically I have TOTAL control with my program, so if an issue raises its ugly head, I can swat it, then go back to work taking care of my customers.

    If an issue arises in Turdpress, it often means spending HOURS trying to fix the problem, then once that problem is fixed, discovering that the fix created another problem needing to be fixed.

    You are a coder. As such I don't understand why you simply do not write your own website manager and leave the Turdpress bugs for others to swat.
     
    mmerlinn, Dec 2, 2018 IP
  6. service.komputer

    service.komputer Active Member

    Messages:
    12
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    68
    #6
    - disable user registration, if you dont need it.
    - put login lockdown to prevent login bruteforce.
    - use well known and secure hosting provide or server.
     
    service.komputer, Dec 2, 2018 IP
    Karen May Jones likes this.
  7. dcristo

    dcristo Illustrious Member

    Messages:
    19,587
    Likes Received:
    1,142
    Best Answers:
    7
    Trophy Points:
    470
    Articles:
    7
    #7
    Wordfence is a great security plugin for WordPress.
     
    dcristo, Dec 2, 2018 IP
  8. webhost.uk.net

    webhost.uk.net Active Member

    Messages:
    291
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    78
    #8
    Most points are covered, just make sure to use Cloudlinux to help improve server end security
     
    webhost.uk.net, Dec 3, 2018 IP
  9. Mr.Dog

    Mr.Dog Active Member

    Messages:
    898
    Likes Received:
    13
    Best Answers:
    0
    Trophy Points:
    60
    #9
    I thought similarly, but I was coding every article manually and it was frustrating to write even a single article per day. Let alone, upload it via FTP.

    Then, responsive designs became popular and then more and more requirements and features appeared on the market.

    I saw amateurs (who had no idea of online marketing or SEO) pass me by with their "install 'n' publish" Wordpress sites. They cosmetized them along the way and they do a heck-of-a-lot more than I did in a lot less time. It took them 3 weeks to do what I needed 3 months for.

    Then it became obvious I needed some automatization (yes, I disliked Wordpress a lot and specifically avoided it, therefore I coded).

    I need to swap for Wordpress CMS, because:
    - I just post 'n' it's up! (no long coding for 6+ hours to publish 3-5 articles per day), an article can be done in 15-45 minutes (mine are rather complex with a bunch of images)
    - I can program posts for weeks in advance (the system keeps posting even while I'm away or busy)
    - a few modifications can propagate to the entire site...
    - creating responsive sites is easier
    - etc.

    But yes, I know a plethora of limitations apply, it's easier to hack etc. etc. :( Well, I guess I have to adapt and work something out for that.

    The negative aspect of this all is that besides trying Wordpress about 9 years ago, I haven't been on the platform ever since and moving a 500+ page complex site with its own arborescent structure without ruining the original pages/extensions is... well,... not easy.
     
    Mr.Dog, Dec 3, 2018 IP