The thought of anyone hacking my website and slowly tearing it down page by page without my knowledge makes me so stressed that I wouldn’t be able to sleep for days. It makes me feel so helpless to watch all my hard work under attack, so weak that I cried.
Why cry? Because I got hacked, I cried, and the future of my online business depended on how quickly I was going to act to stop the attacks.
Because I DIY my website, I started with these 4 Fast and Easy WordPress Security Hacks.
The majority of attacks on WordPress websites happens in the wp-admin level.Click To Tweet Yes, the typical extension you use to log into your website to publish a new blog, sales pages etc…www.yourwebsite.com/wp-admin. Hackers target this access point by using a combination of most common usernames and passwords.
Hack #1: Use an uncommon username
Remove the default “admin” username and replace it with something more unique.
Here’s how to effectively change your “admin” username:
- Create a new username.
- Assign the new username the role of administrator.
- Log out and log back in as the new username you created.
- Delete the “admin” username.
- Attribute all content to your new username.
- Confirm deletion.
Hack #2: Keep your website updated
The point of access when I was hacked was not my main website; it was a subdomain on the same server that I neglected to update.
Avoid compromising your website and be sure to keep ALL of them including your sub-domains updated.
Hack #3: Disable trackbacks
Trackbacks are a cool WordPress feature that allows bloggers to communicate with each other. It is a way to alert other websites that you linked to them. Think of trackbacks as the equivalent of acknowledgments and references at the end of a book. Unfortunately, 99.9% of trackbacks today are from spammers selling watches, t-shirts or something else completely unrelated to your website.
Disable trackbacks entirely on your website.
You can do that by logging into your WordPress dashboard, settings, then discussion, and uncheck where it says “Allow link notifications from other blogs.”
Here’s a snapshot to better guide you:
Hack #4: Keep your WordPress directory off access
Your Wordpress website contains many files and some of those files are crucial and need to be secured. One of these folders is “wp-content” which includes all your themes, plugins and media uploads (these outstanding images & PDF’s that took you forever to create on Canva). Hackers use a backdoor technique to access those files and take over your website without you even noticing it.
Make hacker’s job more difficult by keeping your WordPress directory off access. Here’s a budget-friendly way to do that
Did you find these hacks useful?
If the answer is YES, tell me which one was your favorite!
Until next time,