Blocking Hackers in WordPress

Use these tips and tricks to protect your site

Blocking Hackers in WordPress
March 4, 2015 Eddie Renz

How do I block Hackers in WordPress?

In December of last year this site was hacked and blacklisted on Google. They had every right and at the time I had little understanding of how sites were exploited and how once a site is infected it is almost impossible to clean it up. When users tried to visit this site it was blocked at the browser level meaning that Firefox, Chrome and Safari all have partnered with Google to block sites that are spewing out malware.

I was alarmed and upset obviously because this is my business and as a web designer I have a reputation to uphold. How can my clients trust my design and their site’s security if I can’t even keep my own site from being hacked? To be honest, most of my areas of expertise are in design. I understand and write in CSS code and HTML, I use Dreamweaver, Photoshop, Illustrator and InDesign with ease, but I had become lax in the area of security because I had not been previously hacked.

Because of these exploits, I have spent hours and hours restoring my site and helping others setup secure processes on their sites so they don’t get hacked. In this process I learned that websites are constantly being hit up by robots that are scanning and trying to logon to your site. I setup Sucuri Security plugin which will alert you each time someone tries to login to your site and I was surprised at how every site was getting attacked by random login attempts.

So what did I do? 

I first of all changed all of my passwords and made them much more difficult. It is too easy to become lazy and make passwords the same or relatively simple words to remember.

Secondly, I installed Sucuri on all my sites as well as Wordfence. Sucuri will email you the IP Address of the person/robot trying to login to your site and you can block that IP Address with Wordfence.

Third – Deactivate and Delete all plugins that are not being used. Why have plugins activated anyway that aren’t in use?

Fourth – Change the wp-admin login folder to something else using a plugin that allows you to alter this folder. Most hacking tools are going to look for common mistakes and will start with the standard way to access your website. With over 72 million websites using WordPress it is probably super simple to write a script that says to go and look for all sites that follow the pattern http://www.yoursite.com/wp-admin and then to use “admin” for the username and a few common password combinations. As a designer I have been surprised at how many of my clients will use similar passwords like asdfzxcv or 1234Password – any sequence on the keyboard that might seem complex to you is probably the simplest for a program to figure out.

These were some of the quickest and easiest fixes that I did for my site and as new hackers try to access my site I get alerts from Sucuri. These 30 minutes or so of preventative measures can save you hours and hours of headache from a hacker.

Also, you should keep good backups of your site and save your posts offsite in a Word Document. When your site is hacked, depending upon the number of pages you have, it can be very difficult to clean up the infection. So, what I recommend is storing a good clean backup at least every 30 days and then if you have to delete your entire site and start over you can. And since you may lose some of your posts, you can repost them if you have them in a word document. Content for some users is going to be more important than others. I know some clients that pay 100’s of dollars each month for SEO rich content that actually drives good traffic to their website.

This was a hard lesson learned and as I continue to learn more about web security and best practices I will continue to keep you updated.

 

26 Comments

  1. Hairstyles 5 months ago

    whoah this blog is magnificent i really like reading your articles. Keep up the good paintings! You know, a lot of individuals are looking around for this information, you could help them greatly.

  2. 밤토끼시즌2 3 months ago

    742017 83007Nice blog here! Also your website lots up very fast! 560613

  3. Foaeme 2 months ago

    tadalafil generic name – tadalafil generic online tadalafil buy

  4. AgscAxord 2 months ago

    Requip Secnidazole pharmacy prices

  5. AvsfMaychiady 2 months ago

    pharmacy rx one reviews erection pills family pharmacy

  6. JbvdAxord 2 months ago

    vardenafil vs tadalafil tadalafil generic tadalafil reviews

  7. LabdAxord 2 months ago

    levitra 5 mg brand levitra levitra for sale online

  8. MarcosMum 2 months ago

    tadalafil pills: http://tadalafilonline20.com/ tadalafil gel

  9. 422842 74575Very efficiently written story. It will likely be useful to anybody who employess it, including me. Maintain up the good function – canr wait to read much more posts. 20179

  10. KgooFoume 2 months ago

    what does sildenafil do sildenafil 20mg how to take sildenafil

  11. JbvdAxord 2 months ago

    tadalafil pah tadalafil half life tadalafil research

  12. NndoIonig 2 months ago

    best canadian online pharmacy canada pharma limited compound pharmacy

  13. Eytins 2 months ago

    tadalafil liquid – http://xtadalafilp.com/ tadalafil buy

  14. LmoppAxord 2 months ago

    [url=http://essaywriteris.com/]best essay writers review[/url] the best essay writer who can write my essay best online essay writers

  15. LmoppAxord 2 months ago

    [url=http://essaywriteris.com/]the best essay writer[/url] best website for essays write my history essay for me how to write my college essay

  16. KbdnCype 2 months ago

    [url=https://papersonlinebox.com/]custom college paper[/url] buy custom papers online write my paper ghost writer for college papers

  17. MichaelTak 2 months ago

    https://aralenph.com/ – buy chloroquine phosphate
    ed natural treatment

  18. MichaelTak 2 months ago

    http://propeciafavdr.com/ – cheap propecia pills
    natural ed remedies

  19. Dpzibl 1 month ago

    Dqxaeq – buy annotated bibliography paper Bloboj nwrgua

  20. Espasg 1 month ago

    Finhhi – furosempi.com Lbncko bzkxfi

  21. Peterarolf 1 month ago

    http://gabapentinst.com/# neurontin 300 mg coupon

  22. Peterarolf 1 month ago

    http://prednisonest.com/# prednisone medicine

  23. Peterarolf 1 month ago

    https://hydroxychloroquinest.com/# hydroxychloroquine-o-sulfate

  24. Pqzrbh 1 month ago

    Hrolxj – buy clomid 50mg Upsqzv xulhlm

  25. Peterarolf 1 month ago

    http://zithromaxst.com/# zithromax 500mg price

  26. Peterarolf 1 month ago

    https://gabapentinst.com/# neurontin 300 mg caps

Leave a reply

Your email address will not be published. Required fields are marked *

*