Business Magazine

WordPress Defacement: 6 Ways to Prevent Your Website from Getting Hacked

Posted on the 31 January 2017 by Ajay Prasad @gmrwebteam

WordPress Defacement

For all businesses, the threat of website defacement is something that has to be dealt with on a daily basis. WordPress, hosting more than 74 Million Sites globally, is the biggest Content Marketing System out there and probably is more prone to defacement risks. More than 170,000 WP websites were hacked in 2012.

Any business can be a victim of website defacement. Some famous institutions have had their websites defaced over the past three years. These include the U.S. Geological Survey, several NASA facilities, the U.S. House of Representatives and even technology giant Lenovo.

technology giant Lenovo

However, the majority of website defacement happens to ‘mom and pop’ businesses that rely on web hosting services that don’t have proper security procedures. Sometimes, the businesses may lack the staff and knowledge to secure their own web servers.

In most cases, website defacement leaves the website inaccessible. In worst case scenarios, your users’ Personal Identifiable Information (PII) may be compromised due to cross site scripting. Therefore, it is important to take steps to secure your websites.

If you are using WordPress for your website or blog, here are 6 ways that you can protect your site against defacement.

1. Keep Your WordPress Version Updated

Always keep your WordPress site updated to the latest version. WordPress takes security seriously and constantly releases automatic updates meant to make websites secure. However, having the latest WordPress version will only do so much.

latest WordPress version

If you have an insecure custom theme, your site can still be vulnerable to attacks. Therefore, it’s also important to have the themes and any plugins on your website up to date.

2. Keep Plugins Updated and Remove Unnecessary Ones

Believe it or not, but WordPress defacements can happen easily if you are accustomed to leaving a plugin outdated for long. Hackers find and exploit a vulnerability in a plugin to inject backdoors into your website.

Website security monitoring software Sucuri in its blog reported in June that the WP Mobile Detector was being exploited by hackers and the plugin was removed from the WP plugin repository since then.

Website security monitoring software

An updated plugin comes with bug fixes and security patches which minimize the risk of getting hacked. Make sure to ask your website maintenance team to manually update all the plugins and the theme whenever one comes out.

3. Make Backups Periodically

Before upgrading plugins or themes on your website, backup the entire database. This can be done manually or through free plugins such as WP Backup. You can also make use of the premium plugin Buddy Backup. The plugin cannot only backup your database, but the entire WordPress site files.

4. Strong Login Credentials

Most hackers know the default WordPress login is ‘admin’. With this information, they can easily create scripts that can auto-generate the most common passwords people use. This is known as brute forcing. While changing your login credentials is not guaranteed to make your site hacker-proof, it will go a long way in making the work of hackers more difficult.

Change the default login to something custom, for example, “Bauer2781”. Of course, you should decide on the username you can easily remember. Apart from this, install security plugins such as Brute Force Login Protection to reduce the impact of brute force attacks on your site.

5. Define Keys in the Configuration File

Using WordPress security keys is another way you can secure your site. The keys improve encryption of the data that users provide on your site. To set up the keys, you will need to access the configuration file (wp-config.php) in your WordPress installation. This can be done through the cPanel or by using a file management software like Filezilla.

After accessing the file, go to WordPress Key Generator to generate the keys. Find the following lines and replace the keys with the generated ones:

define(‘AUTH_KEY’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
define(‘NONCE_KEY’, ‘put your unique phrase here’);

Make sure you save the wp-config.php file before exiting.

6. Use Third Party Website Monitoring Softwares

Being a business means you have plenty of tasks in your daily to- do list. And believe me,, it is not easy to monitor and maintain a website every minute. Luckily, there are third-party monitoring softwares like Sucuri that can do the task just for you.

The following is the list of 5 online tools to monitor your website and alert for any defacement

  1. ChangeDetection
  2. IPVTec
  3. SUCURI
  4. OnWebChange
  5. Site 24×7

Ensure Your Website Security

Implementing the tips above does not guarantee your WordPress website will be hacker-proof. If a hacker is really determined and has the resources, he can compromise even the most secure website [the Lenovo example].

However, by implementing the above tips, the chances of your website being defaced will be significantly reduced.


You Might Also Like :

Back to Featured Articles on Logo Paperblog

These articles might interest you :

  • Fighting Aging With Clarisonic

    Fighting Aging With Clarisonic

    This post is sponsored by Clarisonic and Her Campus Media. All opinions are my own. Thank you for supporting the brands that make Caits Cozy Corner possible! Read more

    14 hours, 47 minutes ago by   Cait
    LIFESTYLE
  • Classic Yet Modern Wedding in Athens | Amanda & Andreas

    Classic Modern Wedding Athens Amanda Andreas

    Amanda and Andreas wanted to create a wedding that will combine classic and modern elements together. They chose to decorate their wedding with white flowers,... Read more

    15 hours, 4 minutes ago by   Eleni Balkouli
    LIFESTYLE, TRAVEL, WEDDING
  • Varina by Charles Frazier

    Varina Charles Frazier

    What a writer this guy is! He can craft a sentence or paragraph like nobody's business. Charles Frazier's latest novel is a richly imagined account of the life... Read more

    15 hours, 47 minutes ago by   Vickilane
    CREATIVITY, PHOTOGRAPHY
  • Vintage Wedding Styled Shoot in a Villa

    Vintage Wedding Styled Shoot Villa

    Today we’re sharing with you a unique photoshoot that will transport you back in time! The aim of this shoot was to enhance the beauty of a 1500’s Villa in the... Read more

    16 hours, 24 minutes ago by   Eleni Balkouli
    LIFESTYLE, TRAVEL, WEDDING
  • This Weekend in Antwerp: 22nd, 23rd & 24th June

    This Weekend Antwerp: 22nd, 23rd 24th June

    Here’s the map! Good times! It’s Bier Passie Weekend over the whole weekend on Groenplaats. Bier Passie opens on Friday at 5. The opening hours for Saturday... Read more

    18 hours, 26 minutes ago by   Nessascityblog
    DESTINATIONS, TRAVEL
  • The Sticky Date Pudding to Die for and Amazingly Egg-less Too! - HIGHLY...

    Sticky Date Pudding Amazingly Egg-less Too! HIGHLY RECOMMENDED!

    version;Why will I die for these plain and simple looking sticky date puddings?Simply because it is so insanely irresistibly yummy!!! Perhaps you might do the... Read more

    21 hours, 45 minutes ago by   Zoebakeforhappykids
    FOOD & DRINK, RECIPES
  • Matcha Nama Chocolate

    Matcha Nama Chocolate

    (recipe adapted from Justonecookbook)Ingredients:400g white chocolate, chopped into small pieces (I used Ghirardelli chocolate)125ml heavy whipping cream25g... Read more

    21 hours, 47 minutes ago by   Cathysjoy
    FOOD & DRINK, RECIPES