Hackers are crazy busy right now, and WordPress web sites are their favorite target! So far this year, hackers have broken every record to date. In 2012, there were roughly 192,000 WordPress sites worldwide. In March 2014 alone, a single hacker used 162,000 hacked WordPress web sites in just one single attack.
A recent study by EnableSecurity concluded that 73% of the 40,000 most popular web sites that use WordPress software are vulnerable to attack. WordPress is the most popular blogging and content management system in the world and powers one out of every 5 web sites.
The main culprit in these vulnerabilities is violating the first rule of WordPress security—not running the most up-to-date version of WordPress. In fact, if you’re not running the very latest version of WordPress, then chances are that your site is vulnerable to any hackers using simple, free, automated tools.
Here are 5 quick tips on keeping your WordPress web site secure:
- Always run the very latest version of WordPress.
- Be conservative in your selection of plug-ins and themes (and run the latest versions of these).
- Make sure every user has their own strong password.
- Put a Web Application Firewall (WAF) in front of your web site.
- Force logins and admin access to use HTTPS.