Articles on WordPress Security

The articles below cover different ways you can strengthen the security of your WordPress site to better protect it against hackers. Click the headline to read the full article.

How to Move WordPress to HTTPS – in Simple, Easy-to-Understand Steps

All websites I build have been set up on HTTPS, by default, for some years now. HTTPS is an absolute necessity if you’re running a shop on your site but, even without a shop, you will benefit from greater security, better performance and higher search engine rankings – Google has been giving better rankings to… Read more

What to do if Your WordPress Site is Hacked

Websites are being hacked more often every day. Not only do you owe it to yourself to take every precaution you can to keep the hackers out, you owe it to your customers, friends and everyone who visits your sites. It’s your responsibility to the web as a whole, not just protection for yourself. I’ve… Read more

Ins and Outs of Backing Up WordPress

Interesting question on Twitter today: “Can someone clue me in to backing up my files on WordPress” As the hackers get better and more numerous, it only makes sense to have full backups of your WordPress sites. Once your site has been compromised it will quickly be removed from the search engines’ indices and your… Read more

One of My Sites Was Hacked

Seems like the hackers are after me at the moment: 2 weeks ago my Twitter account was hacked and last week one of my static web sites was hacked. Last week’s hack was particularly embarrassing. I’d sent someone the link to my Web Services site. On the web design page there are some links to… Read more

My Twitter Account Was Hacked

My Twitter account was hacked yesterday. It started sending out the ‘This You..??’ Direct Message to people I’m following. The DM has a link and, out of curiosity (and with bated breath), I decided to see where it went. I closed everything else down so I could invoke AVG quickly and get rid of nasties… Read more

I Hate These People

It’s such a shame that people like this can’t channel their skills into something worthwhile, instead of screwing up other people’s PC’s. A friend called me on Saturday morning because his PC had caught a Virus. Could I help him sort it out, he wanted to know. We met up just after lunch and I… Read more

WordPress Security is Not Just About WordPress

One of my customer’s WordPress installations was hacked and turned into an attack site over the weekend. I got a plea for help on New Year’s Day because she couldn’t view her site or log in – she just got an error message whenever she tried to do either. When I reviewed the file that… Read more

How to Change Your WordPress Username

I was helping someone get their blog configured the other day and we came to setting up WP-Security-Scan – one of the plugins I do recommend. It takes you through some pretty straightforward steps that will strengthen your WordPress installation against mass bot hack attacks. One of the recommendations it makes is to change your… Read more

Backing Up Your WordPress Blog

Update 21 May 2012: This article has been updated with a newer one covering WordPress backups in more detail. You can find the newer article here. Original article starts here: Here’s a question I saw today: can someone explain how to back up my WordPress blog? Backing up your blog is an essential housekeeping task… Read more

WordPress Security: FTP – a Door That’s Often Left Open

I read an interesting article on Wordpress security today on a new site that Jack Humphrey pointed out: WPVote A lot of attention is quite rightly focused on securing your Wordpress installation itself.  But, however secure your WP installation is counts for nothing if you’re leaving other doors open. Common sense precautions It’s worth being… Read more