← Back to the Blog

Are You Making These 3 WordPress Security Mistakes?

By Jamin Andrews
Are You Making These 3 WordPress Security Mistakes?

With the amount of websites built on WordPress increasing year or year it is vital that all security concerns are addressed and actioned. It won’t surprise you to know that the amount of hackers specifically targeting WordPress sites have dramatically increased over the years. Luckily for WordPress site owners most of these vulnerabilities are easy fixes that can be done with little to no technical experience required. Best part is it will only take a few minutes to fix these potential loopholes.

1. You still have the default Admin username

When you first signup to WordPress you’ll be given a generic, default username that remains as ‘admin’ until changed. You may have left this as its default as it can be easier to remember, but be wary as by doing so you have already given hackers 50% of the information they need to access your WordPress dashboard. Once you receive your default logins insure you create a new user with the same access level as the admin and then delete the default admin account. By doing this you are stopping any hackers that are specifically targeting admin accounts.

2. You stick to generic, easy to guess passwords

This is a given and you’ve more than likely heard it time and time again. But it’s amazing to see how many people still opt for easy passwords and never move on from ‘password’ being their login password for their WordPress site. Yes, it’s much easier to remember than GHjt68R! but what are the chances someone will ever guess the second? Slim to none. There are a number of password generators online to help you select a strong password that will be difficult to hack. Steer clear of anything that seems simple enough to guess and don’t use the same password for all your logins.

3. You’ve missed one, two or a few of the latest updates

WordPress is pretty good at discovering security exploits and promptly releasing a new update that will fix them. These updates are vital to the security of your WordPress website, and skipping one or more could jeopardise your entire site making it vulnerable to hackers. Most hackers will target websites running older versions of WordPress as they are more easily exploited.

WordPress is a secure CMS but it takes effort from the user to keep it that way. Above are 3 simple ways to ensure your website isn’t vulnerable to hackers, these solutions only take a few minutes to action and can save you weeks if not months of work if your website is exposed. Most of these threats will be minimised by using a managed wordpress solution.