Whats the Best way to Protect Wordpress Website from Getting Hacked.
-
Hi All,
I just like to know whats the best way to protect wordpress website for getting hacked. I tried using Wordfence but nothing much happened. I m in shared Host and when ever there is a sign of attack my hosting company takes the site off which affects my site ranking a lot. I m trying to keep all my plugins updated but still it happens . Like to know what other people do . I am open for Paid tool suggestion as well.
Thanks
-
Given what you've shared you either have a target on your back or you have some lingering issues from a past infection. I've seen this before and its a pain is the $%& to deal with, but not impossible.
For preventative measures for anyone with a WP site, I recommend the following:
- Use Wordfence - paid version if you can (minimal cost). Monitor the notifications, use country blocking that you are comfortable with (I disable China, Ukraine, N Korea, and Russia on most sites since most are local sites in the U.S.), and enable front end scanning
- Remove admin account and any other "easy" usernames
- Give all WP users strong passwords
- Use strong FTP passwords
- Don't install any plugins you don't need
- Update everything often! This is the best way to avoid problems.
- Pay attention to the theme you use and they are NOT all created equal. It's not uncommon for some themes to have known or unknown exploits in them, so be careful of the theme you use. Make sure it has good reviews and excellent support. If not, find a different theme.
In your case, I'd do the following:
- Sign up for Sucuri for a year. They will audit your site within 24 hours and will clean any malicious files on the site. Hands down the best service for cleaning WordPress sites. $199.
- Remove un-needed WP users, change all WP passwords, remove Admin or other easy usernames and transfer posts/pages to another user
- Remove un-needed FTP users, change all FTP passwords
- Audit your plugins and get rid of all you don't need
- Keep your plugins, themes, and WP updated.
Hope this helps. It's easier than it sounds when your get a system going.
Joey
-
A more detailed explanation of how you are getting hacked might help
Do you mean you are getting spammy files uploaded to your sites root/editing your current content to include spammy words and links?
The obvious suggestion is to make sure your Wordpress version is up to date but if you are already updating the plugins I would presume you have done this...?
It may be that the hackers have just managed to get into your FTP rather than through your wordpress site so I would make sure you have changed your FTP server password and made it secure.
Are you using any contact forms on your site as this can sometimes be a weakness depending on the plugin used.
Thanks
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Can I define that one area of my website is a regualr news (no subscription) and the other part of the website is news that only subscribers can read?
Hi I have a client that have a news website, he asked me if he can define one area of his website to be a regular news that google can show on google news search results (no subscription) and the other part of the website is news that only subscribers can read? Thanks Roy
Intermediate & Advanced SEO | | kadut1 -
Adding videos to a website
Hello! We are producing multiple videos (each about 1-minute long) for a company website. We have decided to use Wistia to host them, in order get the full SEO benefits of links to the videos. I have two questions: 1. Would it definitely be better for SEO to divide up the videos and place them on the various existing pages of the site that are related to the video content, rather than putting all the videos together on a separate video page? 2. If we do put different videos on different pages, would it be a bad idea also to have a video page with all the videos together? Would this be considered duplicate content? Thank you very much!
Intermediate & Advanced SEO | | nyc-seo0 -
We are moving one website to a different domain and would like to know what is the best way to do it without hurting SEO
The website we want to move, let's say www.olddomain.com has a low quality back links profile, in fact it received a manual notification from google of unnatural links detected; but the home page has a PR 3. We want to move it to a different domain let's say www.newdomain.com. We would like to know if it's better to do a 301 redirect to the new domain, in order to transfer the link juice or if it would be better to do a 302, taking into account that this redirect won't pass any link juice, so it would be like start from scratch with this new domain. Thanks for your help.
Intermediate & Advanced SEO | | DoitWiser0 -
How complex or what to consider when moving from a .aspx webdeveloper to my own wordpress.org website?
Basically my current web developer is not providing me with what a modern website should need to fully utilize online marketing and SEO in terms of blogging, social media widgets, e-commerce and so on. Because of this I have thought of moving to a wordpress.org website run and built by myself. Is this a good idea? What is the best way to migrate and save existing authority (Re-directs etc)? Is there any potential risks or problems that I could encounter that aren't immediate obvious? Many thanks! Tom
Intermediate & Advanced SEO | | CoGri0 -
Links on My website
I am looking to create some more trust on my website by subscribing to BBB. I have heard that my site is penalized and loses "link juice" if I place the BBB logo link in my page footer on every page of my website. Does anyone know how much I am penalized? Should I only put it on my conversion pages and maybe my main 10 sub pages? My main goal is to assist in getting conversions but I don't want to do it at the expense of getting a penalty. Any help is greatly appreciated. Thank you, Boo
Intermediate & Advanced SEO | | Boodreaux0 -
Panda Recovery - What is the best way to shrink your index and make Google aware?
We have been hit significantly with Panda and assume that our large index with some pages holding thin/duplicate content being the reason. We have reduced our index size by 95% and have done significant content development on the remaining 5% pages. For the old, removed pages, we have installed 410 responses (Page does not exist any longer) and made sure that they are removed from the sitempa submitted to Google; however after over a month we still see Google spider returning to the same pages and the webmaster tools shows no indicator that Google is shrinking our index size. Are there more effective and automated ways to make Google aware of a smaller index size in hope of Panda recovery? Potentially using the robots.txt file, GWT URL removal tool etc? Thanks /sp80
Intermediate & Advanced SEO | | sp800 -
What is the best way to learn SEO?
I was wondering if it's worth taking an SEO Training course. If so is it better to take a live class or Online class. Or is better to just read all the SEO Books out there? Or is there a good video series anyone can recommend? What is the best way to learn SEO? I have a good understanding of SEO but I'm not a Pro ( Yet ). Obviously SEO is always evolving so even the Pro's are constantly updating their skill set but I want to make sure my foundation is solid and complete. Advice Please. Thank you all.
Intermediate & Advanced SEO | | bronxpad0 -
Website is not getting indexed in Google! Not sure why?
I just came up with my new blog, its not live yet but the 1<sup>st</sup> landing page is ready, up and running… all is fine but here is the only problem is its not getting indexed in Google and I am not really sure why? .xml sitemap is there Google webmaster and analytics are there Website contain at least that much real social shares that it should get indexed in Google Few Links may be coming from Famous Bloggers and SEOmoz (both sites are very authentic in their respective domains) It’s the 4 day the website is up I don’t think website is not getting indexed in Google just because it contains 1 landing page and a thank you page! Any clue or help will be appreciated. www.setalks.com is the domain
Intermediate & Advanced SEO | | MoosaHemani0