As a WordPress website owner, what are the main security risks to be wary of?
The main security risk of having a website is being hacked. Before talking specifically about WordPress, I’d like to point out that every online website is a target. Many believe that because their website is not popular, or because it does not hold any sensitive information it is not a target.
Hackers are after everything that your website has. They hack a website to host and transfer warez and other forms of illegal files, so they can use free bandwidth, which you pay for. They hack websites to inject links for black hat SEO or to inject malware and infect your visitors so they can use them as bots during a distributed hack or denial of service attack.
Back to WordPress, being a WordPress website owner unfortunately has even a higher security risk. WordPress is so easy to use that the number of non technical people who have their own websites and blogs has drastically increased. Malicious hackers know this and use it to their advantage.
They know that most WordPress websites owners do not go the extra mile to secure it, maybe because they simply do not see any reason to do so. They also know that typically such users install any type of WordPress plugin or WordPress theme without scrutinizing it, thus making them vulnerable and a very easy target. And so because WordPress is very easy to use it is now most probably the number one target for malicious hackers.
What would you say are the most important measures you should take to secure a WordPress website?
Web security is like a living thing, it is constantly evolving. Therefore everything you do should be done with security in mind. To start off with, there are some things that you can do just once to improve the security of your WordPress blog or website, but you still have to always follow a number of rules while using WordPress. By following such rules you will be safe from most of the automated targeted WordPress attacks which typically spread like wild fires:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.