Losing faith in W'press - HACKERS!

Joomla or ModX are viable options. They both have a bit of a learning curve, especially compared to Word-press, but they are in fact more secure.

Keep in mind that Joomla (like WordPress) is also Open Source software, and therefore is much easier to hack. After all, the source code is freely available to anyone - a real bonus if you are looking to exploit it. So simply moving to Joomla will not make your site immune to hackers.

There are a number of security precautions that you can apply to WordPress (or for that matter Joomla) websites, between that and a good backup strategy you may be able to minimize the damage done by hackers.

If your site is really only 4 or 5 pages you may even consider a static HTML or PHP design. It is much more work to maintain, but on a small site it may be a better choice in order to deter hackers.

Bill

Don't blame the platform.

I have over 450 of my own sites and 300 or so hosting clients running on wordpress (properly secured and plugins updated) and never been hacked.

I work for several local clients on cheap hosts and nothing but problems. They pay me $125/hr. to clean the hacks but won't spend an extra $5/month to move to secure hosting

Yes - I agree with dlmartin - don't blame the platform.

There are a number of common sense steps you can take to protect WordPress but it's not just about WordPress. You need to protect your entire online environment.

This article talks about what happened to one of my customers when her WordPress installation was hacked and how we fixed it - and she's not been hacked again since:

http://www.wealthydragon.com/blog/20...ity-wordpress/

Cheers,

Martin.

I've been using Wordpress for 5+ years now and has never been hacked. Do you upgrade your software often when an update is available?

Website hacks that I have observed and fixed have all been as a result of insecure ftp from the desktop of an infected pc - and not as a result of the wordpress platform. This may not be the case for everyone - but it's just what I have observed with over 20+ infected sites I have dealt with (not all where wordpress).

With any software (open source or not) keeping it updated to the latest version (including plugins) is a must & will help.

But not even updating will help if your pc is infected and if you are using insecure ftp such as filezilla etc - most all ftp programs will store your hosting logins on your pc without encryption, and this is 100% the reason I have seen that websites (wordpress based or not) get hacked.

When you visit an infected website (there are many with this problem) malware is downloaded and looks specifically if you have an ftp program installed - it then finds all the stored (unencrypted) login details for your server, and the rest is history...

I do not use desktop based ftp any more - I now only go through cpanel to upload / organize & edit files with secure SSL.

I would advise having good virus protection & strong firewall settings for being online, keeping your browser operating system updated, checking your pc thoroughly for malware and viruses, change cpanel logins, get your wordpress & plugins updated to the latest version, and staying away from desktop ftp.

Unfortunately, in addition to the above - in the case of repeated hacks you may need to delete website cpanel account / database and start over on a new cpanel account or hosting to really ensure there is nothing malicious left on the server that picks up and works around your security measures.

Hope this helps.

Leon

well... 3 years up with wordpress, and none of hackers can breaktrough mine.

may be you used a simple password? for complete guide how to secure your wordpress, you can read my article here.

Wordpress ranks higher, and is secure if you set it up correctly. The default setup is not very secure.

I have to agree with a lot of the comments here, WordPress can be very secure it configured properly and installed on a secure host. I wrote a fairly comprehensive guide that anyone can follow along with to secure their WordPress install. I use WordPress for about 60% of the sites I build for clients and have no more troubles with them than I do any other site.. If you want some reading material feel free to check my WordPress Security How To post (or don't and pay me $150/hr to fix it for you later)