Yesterday’s LockDown WordPress: Security Tips from Sucuri was an incredibly eye-opening time with Sucuri CEO and Co-Founder Dre Armeda and his awesome team.
The reasons WHY you need to do this should be pretty obvious (you don’t want people thinking you sell Viagra, do you?). It is, however, important to know HOW hackers manage to attack your site.
Malware (short for “malicious software”) is a major security issues for website owners, with WordPress sites being especially targeted.
According to Dre, Malware is a software designed to disrupt computer operation, gather sensitive information or gain unauthorized access to computer systems. Staggering malware statistics have been reported including “over 2 million new malware strings reported monthly (McAfee)” and “a cost to US consumers over 2.3 billion in 2012 (Consumer Reports).”
According to Dre, there are a number of ways hackers get into your site, including:
- Encoded JavaScript
- Conditional Redirects
- Pharma Hack (SEO poisoning)
- Make sure you are secure locally – Keep your computer up to date and install an anti-virus solution
- Make sure you are connecting securely – Use an SSL whenever on an unverified connection, consider using sFTP whenever possible
- Check out your hosting company - How many blacklisted sites do they have or are infected with Malware? Cheapest isn’t always best
- UPDATE UPDATE UPDATE - It’s important to have the most recent version not only of WordPress installed, but also of all your plugins
Presentation Slides: http://sucuri.net/WP-End-User-Security.pdf
Thank you Dre, this is a detailed, informative webinar that certainly makes it clear what can happen if you don’t secure your website. I loved it and will be watching it more than once.
I’m glad you point out to keep your local infrastructure secure too. All the steps I’ve read in this article are necessary to be ahead of the attacks. Thanks for putting it together!
This was great. I have experienced a few hacks which were perfectly described here. Security for me unfortunately became a BIG issue, after I was hacked. I wish I had listened and sorted these things before!!!!!
If you have not secured to the best of your ability, go do it, cos these threats are very real and happening all the time.
Brilliant ebinar. Loved it
Excellent webinar, with some very helpful tips. I have a question though, about hosting providers. The advice was given to check out how many blacklisted or infected sites are on a hosting provider. Maybe I missed it, but where would I find this kind of information?
Thanks!
[...] WordPress theme and plugin creator iThemes recently partnered with Sucuri (web security service) created a WordPress Security video tutorial specific to WordPress websites: Lockdown WordPress: Security Tips from Sucuri. [...]
By taking 2 simple steps you can increase security during installation
1. Create a hard name for database
2.Create different username for rather then “Admin”
For more security tips you can visit this link http://techsloution4u.com/wordpress/7-usefull-wordpress-security-tips.html
Hope this will help.