Hackers are crazy busy right now, and WordPress websites are their favorite target! So far this year, hackers have broken every record to date. In 2012, there were roughly 192,000 WordPress sites worldwide. In March 2014 alone, a single hacker used 162,000 hacked WordPress websites in just one single attack.
A recent study by EnableSecurity concluded that 73% of the 40,000 most popular websites that use WordPress software are vulnerable to attack. WordPress is the most popular blogging and content management system in the world and powers 1 out of every 5 websites.
The main culprit in these vulnerabilities is violating the first rule of WordPress security - not running the most up to date version of WordPress. In fact, if you’re not running the very latest version of WordPress, then there is a good chance your site is vulnerable to hackers using simple, free automated tools.
Here are 5 quick tips on keeping your WordPress website secure:
- Always run the very latest version of WordPress.
- Be conservative in your selection of plugins and themes (and run the latest versions of these).
- Make sure every user has their own strong password.
- Put a Web Application Firewall (WAF) in front of your website.
- Force logins and admin access to use HTTPS.