Is secure my website from attacks?
Today it is common to see that most websites are developed using WordPress as content manager. Usually, for rapid and efficient development and templates developed by third parties, additional charges are used, adjusting the design of the new website and its contents.
What most customers or users do not know is that these CMS bring some security flaws that could compromise our website and the information it contains.
According WP White Security, more than 70% of the facilities about WordPress on the Internet are vulnerable to hacker attacks. Not only that but in 2012 more than 170,000 sites were online stores. This leaves us much to think about sharing our data in one of these sites.
Yet you ask, but I have not an online store, and my site has almost no visits nor any relevance on the internet. You should pay attention to the safety of my web? Well if you keep reading you will see that other things will be affected your site or your data.
Even if your website lacks relevance Internet or not an online store, hackers can use it as a gateway to send spam or spam among others.
First we must understand where they come from or what are the vulnerabilities of WP. Some statistics help us understand what the possible security holes that attract a hacker
WP White Security said:
- 41% of sites were hacked by vulnerabilities provider hosting.
- 29% of sites were hacked by vulnerabilities found in WP template.
- 22% were hacked by vulnerabilities in plugins installed.
- Only 8% were hacked by the use of weak passwords.
As we can see is very important to choose well who will be our hosting provider and domain, and more tempting than Parez and use free providers, these are the best place for a hacker where to look for victims, usually by their low level of security.
# Service Provider or Hosting
It is advisable to hire providers known as 1 & 1 to one.com, which have their own firewall systems and security rules, plus regular updates to their servers. Mind you, this does not guarantee 100% that a hacker can not go to our website, but if minimizes possible to do it for failures in our hosting service.
# WP Themes or templates
Avoid using free templates that are not the official repositories WP, usually these free templates circulating on the Internet are full of security flaws, some intentional, which are used as rear by other doors to access our site. So if possible we recommend downloading your templates from the same web site WP or go to pay sites as Envato or Theme Forest.
# WP Plugins
Here is one of the easiest ways to create vulnerabilities in our sites. Many times we are tempted to install plugins that we found on the internet and make no reference to page WP, but its functionality and being free lead us to download and install. If possible avoid installing plugins that have no known sources on the official website of wordpress or some trusted site like Theme Forest or Codecanyon.
# Weak passwords
Avoid using passwords too easy. You will be surprised how many sites whose passwords are still 1234 or admin. Not to mention that the administrator user admin even still calling themselves! By default when you install WP, this creates a user whose name is admin, avoid using this name and if your site already has, then try to turn it off. Please note before creating another administrator user that mitigates the old 🙂