The thought of anyone hacking my website and slowly tearing it down page by page without my knowledge makes me so stressed that I won’t be able to sleep for days. It makes me feel so helpless to watch all my hard work under attack, so helpless that I actually want to cry.
Why cry? Because I got hacked, I cried, and the future of my online business depended on how quickly I was going to act to stop the attacks.
Because I DIY my website, I started with these 4 Fast and Easy WordPress Security Hacks.
Hack #1: Use an uncommon usernameThe majority of attacks on WordPress websites happens in the wp-admin level.Click To Tweet Yes, the typical extension you use to log into your website to publish a new blog, sales pages etc…www.yourwebsite.com/wp-admin. Hackers target this access point by using a combination of most common usernames and passwords.
Remove the default “admin” username and replace it with something more unique.
Here’s how to effectively change your “admin” username:
- Create a new username.
- Assign the new username the role of administrator.
- Log out and log back in as the new username you created.
- Delete the “admin” username.
- Attribute all content to your new username.
- Confirm deletion.
Hack #2: Keep your website updated
The point of access when I was hacked was not my main website, it was a subdomain on the same server that I neglected to update.
Avoid compromising your website and be sure to keep ALL of them including your sub-domains updated.
Hack #3: Disable trackbacks
Trackbacks are a cool WordPress feature that allows bloggers to communicate with each other. It is a way to alert other websites that you linked to them. Think of trackbacks as the equivalent of acknowledgments and references at the end of a book. Unfortunately, 99.9% of trackbacks today are from spammers selling watches, t-shirts or something else completely unrelated to your website.
Disable trackbacks entirely on your website.
You can do that by logging into your WordPress dashboard, settings, then discussion, and uncheck where it says “Allow link notifications from other blogs”.
Here’s a snapshot to better guide you:
Hack #4: Keep your WordPress directory off access
Your Wordpress website contains many files and some of those files are crucial and need to be secured. One of these folders is “wp-content” which contains all your themes, plugins and media uploads (these outstanding images & PDF’s that took you forever to create on Canva). Hackers use a backdoor technique to access those files and take over your website without you even noticing it.
Make hacker’s job more difficult by keeping your WordPress directory off access. Here’s a budget-friendly way to do that
If you DIY your website, you want to grow your potential client list and nail it on social media, and you want to FINALLY avoid costly mistakes, hack-proof and actually keep your website safe from hackers, then I have some terribly exciting news for you… My EZ Website Security opens soon. Get on the VIP list to get a front row seat when it becomes available.