How can I keep my site from getting hacked?

19 replies
  • WEB DESIGN
  • |
Years ago I had a WordPress site that was always getting hacked. My question:

How can a person who has no programming skills keep their website from getting hacked?

I've seen some web hosts that handle security for you -- but they seem to cost $80 per month.
#hacked #malware #security #site #wordpress
  • Profile picture of the author jibranahmed
    [DELETED]
    {{ DiscussionBoard.errors[11621182].message }}
    • Profile picture of the author dsimms
      Hide your WP admin login
      Install WP two-step verification plugin
      (use Authy or any other supported login app)
      Use Updraft for backups (free) version. If you pay for it, then it will offer a number of features plus backup your data on a 3rd party site such as google, aws, etc.

      ALL of these plugins are free.
      {{ DiscussionBoard.errors[11621268].message }}
  • Profile picture of the author Sourav pan
    [DELETED]
    {{ DiscussionBoard.errors[11621184].message }}
  • Profile picture of the author James Liberty
    Also: Do you think a person without coding skills is better off using a different blog platform?
    {{ DiscussionBoard.errors[11621281].message }}
  • Profile picture of the author AlexWilliams0
    You can't so that much on your own. Two step verification and a few other plugins will help, but I recommend a host better
    {{ DiscussionBoard.errors[11621334].message }}
  • Profile picture of the author DABK
    Install the WordFence Plugin.
    {{ DiscussionBoard.errors[11621464].message }}
  • Profile picture of the author xtrapunch
    1. Use a strong password for WordPress site, hosting account, cPanel and MySQL DB.
    2. Install plugins such as Wordfence.
    3. Use Cloudflare as your CDN and DNS.
    4. Use staging (multiple options available) for creating your website and push all changes to the live site. This way your public website is always backed up at a safe place.
    Signature
    >> Web Design, Wordpress & SEO - XtraPunch.com <<
    Web Design & SEO Agency | Serving World Wide from New Delhi, India

    {{ DiscussionBoard.errors[11622082].message }}
  • Profile picture of the author niftystats
    You must have a secured server where you have web hosting.
    Signature
    Affiliate Stats Tracking - Secure software for analyzing your sales
    {{ DiscussionBoard.errors[11625236].message }}
  • Profile picture of the author webbie
    I agree, Wordfence is great. I also use WP Hide Login plugin by Nicolas Kulka to hide the wp login page.
    {{ DiscussionBoard.errors[11625239].message }}
  • Profile picture of the author e-mail2u
    After having two sites hacked using different hosting providers i actually purchased a web security script to host on my domain. This monitors and protects the site(s), it can protect multiple domains so all my sites are protected
    {{ DiscussionBoard.errors[11625622].message }}
  • Profile picture of the author Himanshu Jakhar
    Use a custom WordPress login URL. Add a Cloudflare to your website. I personally use iThemes security plugin as well. The best thing about WordPress is that you don't need any coding experience at all.
    {{ DiscussionBoard.errors[11625736].message }}
  • Profile picture of the author CristopherCReeve
    1. hide/rename wp-admin URL.
    2. Enable 2FA.
    3. Change database prefix. (Don't use default wp_).
    4. Don't use common usernames like admin
    5. Use very strong password.
    6. Enable manual user registration approval.
    7. Always keep all plugins and themes updated.
    8. Delete all unused plugins and themes.
    9. Use security plugins like all in one wp security or iTheme Security.
    10. Use CDN like cloudflare.
    11. Take website backup regularly.

    I hope this list will help you a lot.
    {{ DiscussionBoard.errors[11626585].message }}
  • Profile picture of the author Pecs4Pros
    Wordfence plugin free
    {{ DiscussionBoard.errors[11627356].message }}
  • Profile picture of the author BerthaCuuler
    I would also recommend Wordfence!
    {{ DiscussionBoard.errors[11628778].message }}
  • Profile picture of the author Naheed
    I also recommend using Wordfence for this purpose.
    {{ DiscussionBoard.errors[11631681].message }}
  • Profile picture of the author Arghya Sen
    There are many steps that you should be aware of.

    1. Keep your website software up to date or click on auto-update
    2. keep your eye always on Watch out for SQL injection
    3. Protect against XSS attacks
    4. Beware of error messages or errors of website
    5. Check your passwords all time and try to change them once a month
    6. Avoid file uploads from any laptop or pc, use only one system for that
    7. Use HTTPS 8. Get website security tools
    So please follow the steps to protect your website.
    Thanks
    {{ DiscussionBoard.errors[11658853].message }}
  • Profile picture of the author AndrewSmith22
    The best thing to save your website from hacker to choose a reliable hosting provider that will give you a top notch security. Secondly there are few security plugins that you need to be installed and configured in your WordPress website. One of the best security plugin is Wordfence that will help you out to save your website from hackers.
    {{ DiscussionBoard.errors[11658880].message }}
  • Profile picture of the author christinablocker
    This is a very common issue for WordPress users. They often ask this question. All the new users of WordPress never know about any malware attacks. My first website got hacked a year back. I read too many articles and blogs and YouTube videos. But when I did not get any solution I get one website that helps users to get rid of hackers. With the help of WPHacked Help is secured my WordPress website. Later I used some security plugins which is very good and now I seeing my website as very secure.
    {{ DiscussionBoard.errors[11659469].message }}
  • Profile picture of the author adammoore
    Wordpress sites have been notorious for being easy targets. Most of the time this is due to outdated versions installed, so make sure to keep Wordpress updated, and find someone who knows how to set up a secure server. Nothing online is secure, but you can do much yourself to keep automated attacks from happening.
    {{ DiscussionBoard.errors[11659975].message }}
  • Profile picture of the author WF- Enzo
    Administrator
    Wordfence. That should work.
    Signature
    {{ DiscussionBoard.errors[11660131].message }}
  • Profile picture of the author ennadeveloper
    Mistakes that Cause Hacking
    • Vulnerable Web Applications
      DNS Poisoning
      CMS Or Web Server
      Shared Hosting on The Same Server
      Cracked Software
      Using Insecure Protocols
      Not using Two-Factor Authentication
    {{ DiscussionBoard.errors[11660169].message }}

Trending Topics