Advertising
Advertising

Help, I’ve Been Hacked! How To Secure Your WordPress Site Against Hackers

Help, I’ve Been Hacked! How To Secure Your WordPress Site Against Hackers

Of the top 1 million websites, WordPress has a 65% share of all Content Management Systems (CMS) being used. There are currently around 64 million WordPress blogs and websites in existence, making it an incredibly attractive target to hackers.

Advertising

wordpress logo

    Just recently, [pullquote position=”right”]WordPress made headlines when it was the subject of a massive botnet hacking attempt, which managed to compromise 90,000 sites.[/pullquote] It did this with a brute force attack, trying to log in with the standard “admin” username and a list of thousands of potential passwords.

    I myself have been the target of WordPress attacks in the past, but by following these simple steps, I’ve managed to thwart off potential attackers since.

    Advertising

    • The number one most important thing is to make sure your WordPress version, themes, and plugins are all updated to the latest version. These updates often include bug fixes and patches to secure against attacks. Updating all of these is easy! When you log into WordPress, the admin bar at the top of the screen will alert you if there are any updates available. Simply click on the update button and you can update everything to the latest version in just a few seconds!

    wordpress updates
      • It’s also important to delete any themes and plugins that you’re not using. Every theme and plugin is another potential way that hackers could get into your site. If you’re not using it, get rid of it!
      • Change your default username. The username “admin” should be one of the first things you change. In fact, if you’re doing a new WordPress installation, just choose a different username to begin with. This default username is how 90,000 WordPress blogs were hacked recently. Unfortunately, it’s all to easy to figure out if someone has changed the default username or not. If you want to see, just look at the screenshot below. If you try to log in with the username “admin” and the wrong password, WordPress actually comes back with an error saying, “The password you entered for the username admin is incorrect.” If that username doesn’t exist, WordPress returns a different error: “Invalid username.” I’m not sure why it announces to the whole world which usernames exist and which don’t, but changing from the default username is one of the best things you can do to improve the security of your WordPress installation.

      Advertising

      wordpress admin login screen
        • You should also change the standard log-in URL from yoursite.com/wp-admin to something else. It amazes me how many BIG websites haven’t even made these simple changes! Give it a try on some of your favourite websites; you’ll be surprised how many haven’t even covered the basics when it comes to security.
        • Set a secure password – don’t use dictionary words. Use a combination of upper and lower case letters, numbers, and special characters. This is not unique to WordPress; you should be employing this practice on anything that requires a password, like internet banking or computer passwords.
        • Enable 2-step authentication on your WordPress site. This is pretty straightforward to do and is something you’ve probably seen if you use internet banking. An example is if you try to transfer money, it will send a unique code via SMS to your phone, which you have to enter in addition to your regular password.
        • Remove all default posts, comments, pages, etc. as these indicate that your site might be fairly new and make it a more attractive target.
        • Change the prefix on your database tables from the default “wp_” to something else. As with the default username, this is something you can actually set when first installing WordPress.
        • Hide your WordPress version number. This way, it won’t stand out to hackers if you’re not using the latest version.
        • Back Up! There are plenty of great backup plugins available, and many are free. If the worst happens and you are hacked, you’ll be back up and running in no time.

        Are you ready for some great news? You can implement most of the ideas above and MORE with the click of a button. How? Install the Better WP Security plugin. It even has some advanced features like blocking IP addresses that attempt to log in (incorrectly) too many times, and you can create a blacklist of IPs. I’m surprised how many e-mails I get alerting me that people are trying to either log into my site or trying to access a URL that doesn’t exist (usually the default log-in page at /wp-admin/). You can also use the IP tracer to see where the attempt originated from (most of mine seem to be from Russia or China).

        Do you have a great WordPress security tip? Leave it in the comments below!

        Advertising

        And if you want to take WordPress to the next level, check out this article: Top WordPress Plugins for the Smart Blogger.

        More by this author

        How to Find the Cheapest Flights How to Get the Best Hotel Deals 21 Ways to Get the Best Travel Deals – Car Rental The Impact of the Electric Car Help, I’ve Been Hacked! How To Secure Your WordPress Site Against Hackers

        Trending in Technology

        1 10 Best VPNs to Browse the Internet More Securely 2 10 Best Monitors for Your PC Under $100 3 10 Best Spy Apps for iPhone in 2020 4 How To Choose The Best iPad Screen Protector (With 10 Recommendations) 5 10 Best Headsets for Video Chats and Conference Calls

        Read Next

        Advertising
        Advertising
        Advertising

        Published on September 25, 2020

        10 Best VPNs to Browse the Internet More Securely

        10 Best VPNs to Browse the Internet More Securely

        When it comes to digital security, public Wi-Fi networks aren’t safe enough, making it much easier for hackers to access your personal data. Whether you are studying in a library or scrolling through Facebook in a coffeehouse, it is vital to have a VPN installed on your device.

        VPNs work wonders when it comes to securing your internet connection. By creating an encrypted tunnel between a remote server run by the VPN service, they protect your personal data from prying eyes. There is a variety of VPNs available on the web, and we have collated a list of the best VPNs that stand out from the rest.

        How to Choose a VPN

        • Free trial period – Free trials allow you to try the product risk-free. The same idea technically applies to those with 30-day full refunds as well.
        • Speed – You want your VPN to be just as fast as the internet speed at home. Good quality VPNs are ones where you see little difference between those speeds.
        • Device connection – Of course, the more devices that can connect to VPNs, the better. It increases the customers’ coverage and the product’s value. You also want to consider compatibility since fewer VPNs may work for Mac or Windows only.
        • Number of servers – The number of servers determines how much capacity a VPN can handle while you are connected. The more servers there are, the more users it can handle without running into potential disconnections or slow speeds.
        • Kill switch feature – Having this feature means that your IP address isn’t exposed if the VPN disconnects for some reason. A lack of this feature is a big deal since the whole reason why you’re paying for a VPN is to hide your IP address, among other things. (Find out how to avoid getting tracked online here: Big Brother Is Watching You Online: How To Avoid Being Tracked)

        Why You Should Trust Us

        Our hand-picked VPNs are incredibly efficient and offer such distinctive features that grant you safe browsing. They outperform many VPNs in terms of both speed and security. Their primary aim is to provide you the utmost security, thus enabling you to surf the web safely and prevent any potential threat from causing harm.

        Among the best VPNs’ many unique features include split tunneling, strict logging policies, high encryption level, and availability of international servers. We have gathered them in this article to enlighten our readers and offer the best pieces of advice before you get one. Therefore, take our word for it, and if you go for a VPN mentioned below, you’d be fully appeased.

        1. NordVPN

        The most popular VPN on the market these days is NordVPN, and it’s easy to see why. It has widespread coverage, offering a selection of over 5,000 servers spanning across 59 countries.[1] Due to the high number of servers, its speed is similar to your Wi-Fi at home.

        Lifehack’s CEO, Leon, has been using NordVPN for many years and wants to recommend it for its remarkable server count in different locations with no-logs policy. The VPN perfectly works with Netflix and Fire TV stick, too.

        NordVPN is also compatible with Mac, Windows, and Linux. You can download the app onto Chrome, Firefox, Android, and Mac OS. Thanks to its massive coverage, it’s easy to connect multiple devices onto these servers.

        In terms of pricing, while NordVPN doesn’t have a free trial period, they argue that their plans are considerably cheaper than those of their competitors. For example, a one-year plan for ExpressVPN costs $8.32 per month, but NordVPN only charges $6.99 monthly.

        NordVPN has a new protocol called NordLynx that is based on WireGuard with speed benefits, though it’s still under development.[2] If you’re looking for general quality and affordability, this is one of the best VPNs around.

        Buy this VPN.

        Advertising

        2. ExpressVPN

        ExpressVPN is the second-best option out there for keeping your privacy while browsing the internet. Like many other VPNs here, they will encrypt your IP address, offer vast coverage, and can have multiple devices connected to their servers.

        Compared to NordVPN, while the pricing point is higher, ExpressVPN’s biggest selling point is the number of countries that their connection covers. Depending on where you are in the world, this may be the only option you have. They have fewer servers — 160, to be precise — but they make up for the low server count by covering 94 countries.[3]

        Cost-wise, your best bet is to go with the yearly plan where they charge $8.32 a month. They also have one- and six-month plans.

        Buy this VPN.

        3. Surf Shark

        With regards to Surf Shark, you can connect multiple devices to its servers, and it’s compatible with Windows, Linux, and Mac. It is also available on Android, iOS, Chrome, Firefox, and FireTV.

        Furthermore, Surf Shark can whitelist apps and sites, letting them bypass the VPN. This, along with the lines of split-tunneling, is another feature that many VPNs offer. The difference is that Surf Shark allows you to whitelist specific apps or any website, while most VPNs will whitelist all sites or none at all.

        The other consideration for this app is the price. While lower-tier plans are more expensive compared to others, Surf Shark’s 24-month plan is priced at $2.69 a month, so it’s cheaper than even NordVPN’s equivalent plan!

        Buy this VPN.

        4. CyberGhost

        Another top-reviewed VPN is CyberGhost. They’ve been around for 15 years and have fine-tuned their offers and features to stay competitive. They provide the standard package of browsing the web and logging into accounts safely and give you access to regionally blocked content.

        The network also maintains security from hackers, malware, and phishing. Aside from that, you can connect multiple devices, and it’s compatible with all kinds of platforms.

        Advertising

        What separates CyberGhost from the others is their extensive coverage. They have multiple servers, and the pricing point is still very low. It covers over 88 countries and has roughly 6200 servers for you to choose from, all while charging $2.75 for their 18-month plan.

        Buy this VPN.

        5. IPVanish

        IPVanish’s prime purpose is to give users online freedom by providing fast speeds and private connections. It’s clear that they can meet that promise as they provide many of the features that have been listed previously from their competitors.

        IPVanish is a part of SugarSync now. What is that, you may ask? It’s a cloud-based service that syncs files across devices and computers for sharing, backup, and many more. What this means is that other devices can access various files and videos so long as they are connected to your specific VPN. Furthermore, it can serve as a backup plan if you get hacked or lose your device for some reason.

        Buy this VPN.

        6. Private Internet Access

        Private Internet Access (PIA) is a remarkably generous company in many ways. Aside from the obvious features, they offer great incentives and discounts for people to try out their products. They claim to be the most trustworthy and reliable VPN around, and we believe that.

        One notable thing is that PIA offers a free two-month trial. Compared to other VPNs to this point, none have provided free trials (though all come with a 30-day money-back guarantee). On top of that, small businesses can avail of their VPN at a discounted rate. There is also the fact that their pricing plans go as low as $2.69 a month for two years, and they let you pay with gift cards.

        In terms of specs, PIA has over 2695 servers that cover 47 countries right now.

        These particular aspects make PIA unique and one of the best VPNs to consider.

        Buy this VPN.

        Advertising

        7. Hotspot Shield

        Hotspot Shield is all about offering protection while you’re browsing the internet or using streaming services like Netflix. The encryption is military-grade, and its speed is ultra-fast. In truth, it is even marketed as one of the fastest VPNs.

        Hotspot Shield offers a plan that only costs  $7.99 a month; however, it’s one of the few in this list to provide its services for free. Like other Freemium apps, the free version comes with limited features. That said, it gives you a much better feel for the VPN.

        Also, take note that the encryption feature is still there, though the limitations in the free plan include connecting to one location in the US and having limited streaming options and speed.

        Buy this VPN.

        8. TunnelBear

        As unusual as a name choice for an online security protection service can be, TunnelBear is nothing short of incredible. It makes our list of the best VPNs for various reasons.

        The biggest one is that the company goes through a yearly security audit. This is notable because many VPNs don’t bother about independent audits to ensure their systems are secure and safe from any issues. This is critical as VPNs have gotten some bad reputation over the years, as TunnelBear has noted in their post about their security audit.[4] The fact that they are doing this annually ensures that nothing is being compromised.

        Furthermore, TunnelBear offers limited services for free, but even their paid plans are pretty cheap. For individuals, you’re merely paying $3.33 per month. The only catch is that you can connect five devices regardless of which paid plan you pick.

        Buy this VPN.

        9. Norton

        Norton has been on the security scene for some time, and it’s actually one of the founders of the internet security industry. It started with virus and malware protection in 1991 and has since branched off to other sectors as the industry has shifted.

        As you might expect from a company that’s been around for a long time, Norton provides excellent services, and a few of their other services have gone into the VPN package. In reality, Norton is the only one thus far to offer a password manager with their VPN services. They provide 50GB of cloud storage as well.

        Advertising

        Norton has one of the cheapest VPNs, considering you can get their deluxe plan at $49.99 per year. That comes up to roughly $4.17 a month. It might be slightly higher than other equivalent plans, but you get a lot of extra value that makes it worth the price.

        Buy this VPN.

        10. StrongVPN

        The final VPN we want to cover is StrongVPN. Like many others, it’s great at blocking unnecessary web traffic and providing a fast and simple solution to navigating the internet without any hindrance.

        StrongVPN has over 900 servers. It is available in more than 30 countries and compatible with all devices. Beyond that, the only notable selling point it has compared to others is that it also offers Sugarsync services and 250GB of storage, irrespective of your chosen plan.

        As for the pricing, their year-long plan costs $5.83 a month, while their month-long one is $10.

        Buy this VPN.

        Bottom Line

        Getting online protection is important these days, and companies recognize this.

        With more hacks and breaches occurring every single day, the best VPNs can provide an excellent haven for many people who value their security and privacy.

        We hope that by putting together this list, you’ll be able to find the best VPN that you can trust and enjoy using. As you can see, there are several great options with no real wrong one out there. Pick the VPN that’s best for you.

        Featured photo credit: Petter Lagson via unsplash.com

        Reference

        Read Next