{"id":14589,"date":"2019-03-28T10:40:29","date_gmt":"2019-03-28T09:40:29","guid":{"rendered":"https:\/\/names.co.uk\/blog\/?p=14589"},"modified":"2019-03-28T10:43:37","modified_gmt":"2019-03-28T09:43:37","slug":"harden-your-wordpress-security-with-these-top-tips","status":"publish","type":"post","link":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/","title":{"rendered":"Harden your WordPress security with these top tips"},"content":{"rendered":"<h1>WordPress security &#8211; everyone is talking about it, but why?<\/h1>\n<p>In 2018, 90% of all hacked CMS websites were WordPress sites [1]and you could argue that WordPress is likely to be top of the list as it runs more websites. However its 60% share of CMS sites is too low to fully explain it; there must be other reasons. It\u2019s also getting worse as WordPress\u2019s share of hacked sites is increasing: 74% in 2016, 83% in 2017.<\/p>\n<p>According to Sucuri which carried out the research, WordPress administrators are better than most at installing core updates. Other CMS\u2019s sites are much more likely to be running out of date systems. No, the main reason WordPress gets hacked more often is due to vulnerabilities in plug-ins and themes.<\/p>\n<p>You can search for \u201cWordPress security\u201d and find pages of \u201cwe fix hacked websites\u201d links as well as tips on cleaning up and generic good practice. Here we take a deeper look at the more likely causes of a WordPress hack and how to protect against them.<\/p>\n<h2>What are the risks?<\/h2>\n<p>First, what do hackers do after hacking a WordPress site?<\/p>\n<ul>\n<li>Inject a backdoor (eg a rogue system file) allowing hackers to implement attacks on other sites on the same server<\/li>\n<li>Implement a pharma hack which returns spam ads and can cause the site to be blocked by search engines<\/li>\n<li>Redirect to malicious websites<\/li>\n<li>Use cross-site scripting to steal session data or a cookie from the end-user<\/li>\n<\/ul>\n<h2>Choose WordPress plugins wisely<\/h2>\n<p>In the middle of development, with a deadline to meet, it\u2019s easy to pick a plugin without investigating it. It looks as though it will do the job exactly, and you might find a freebie version. Once it\u2019s in, development can move on and it becomes part of the website, forgotten almost.<\/p>\n<p>Choose a plugin from the WordPress repo, or download it directly from a developer\u2019s website. Look for plugins that have been updated recently, indicating not only their security but bug-fixing and compatibility with the latest WordPress core. Also, check ratings from other users and after downloading, virus scan the plugin.<\/p>\n<p>You can find premium plugins and themes on secondary sites (ie not the original developer) that have been modified so as not to require a license key. Don\u2019t be tempted to use them. They may contain malware; they won\u2019t get updated for bug fixes or core compatibility; and, ultimately, it\u2019s stealing &#8211; depriving the developer of revenue.<\/p>\n<h2>Use the latest versions of everything, not just the core<\/h2>\n<p>The WordPress security team (about 50 people) is constantly addressing vulnerabilities. It\u2019s essential to implement the core changes they deliver, but also plugins and themes.<\/p>\n<p>Regularly check security sites for guidance and new vulnerabilities, this is a must-do for e-commerce websites. Four resources worth checking are:<\/p>\n<ul>\n<li>WP Security Bloggers [2]<\/li>\n<li>WPScan vulnerability database [3] &#8211; which includes sections for plugins and themes<\/li>\n<li>Threatpress [4]<\/li>\n<li>WordPress official security archive [5]<\/li>\n<\/ul>\n<h2>Was WordPress the right choice?<\/h2>\n<p>WordPress is still an excellent choice as a CMS. With such a high share of the market, its future is assured. However, that also makes it a target for hackers and it\u2019s essential to protect against threats. Follow good practice on-site security but give special care to choosing and updating plugins and themes.<\/p>\n<p>&nbsp;<\/p>\n<p>[1] <a href=\"https:\/\/www.zdnet.com\/article\/wordpress-accounted-for-90-percent-of-all-hacked-cms-sites-in-2018\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.zdnet.com\/article\/wordpress-accounted-for-90-percent-of-all-hacked-cms-sites-in-2018\/<\/a><\/p>\n<p>[2] <a href=\"https:\/\/www.wpsecuritybloggers.com\/blog\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.wpsecuritybloggers.com\/blog\/<\/a><\/p>\n<p>[3]<a href=\"https:\/\/wpvulndb.com\/\" target=\"_blank\" rel=\"noopener\"> https:\/\/wpvulndb.com\/<\/a><\/p>\n<p>[4] <a href=\"https:\/\/db.threatpress.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/db.threatpress.com\/<\/a><\/p>\n<p>[5] <a href=\"https:\/\/wordpress.org\/news\/category\/security\/\" target=\"_blank\" rel=\"noopener\">https:\/\/wordpress.org\/news\/category\/security\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>WordPress security &#8211; everyone is talking about it, but why? In 2018, 90% of all hacked CMS websites were WordPress sites [1]and you could argue that WordPress is likely to&#8230; <a class=\"more-link\" href=\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\">Read more &rarr;<\/a><\/p>\n","protected":false},"author":17,"featured_media":14183,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[176,1596],"tags":[],"class_list":["post-14589","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-tips-and-tricks"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Harden your WordPress security with these top tips<\/title>\n<meta name=\"description\" content=\"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Harden your WordPress security with these top tips\" \/>\n<meta property=\"og:description\" content=\"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\" \/>\n<meta property=\"og:site_name\" content=\"names.co.uk blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/namesco\/\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-28T09:40:29+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-03-28T09:43:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1314\" \/>\n\t<meta property=\"og:image:height\" content=\"536\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Nathan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Namesco\" \/>\n<meta name=\"twitter:site\" content=\"@Namesco\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nathan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\"},\"author\":{\"name\":\"Nathan\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471\"},\"headline\":\"Harden your WordPress security with these top tips\",\"datePublished\":\"2019-03-28T09:40:29+00:00\",\"dateModified\":\"2019-03-28T09:43:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\"},\"wordCount\":576,\"image\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png\",\"articleSection\":[\"Security\",\"Tips &amp; Tricks\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\",\"url\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\",\"name\":\"Harden your WordPress security with these top tips\",\"isPartOf\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png\",\"datePublished\":\"2019-03-28T09:40:29+00:00\",\"dateModified\":\"2019-03-28T09:43:37+00:00\",\"author\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471\"},\"description\":\"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage\",\"url\":\"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png\",\"contentUrl\":\"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png\",\"width\":1314,\"height\":536,\"caption\":\"Website downtime\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"names.co.uk\",\"item\":\"\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\/\/www.names.co.uk\/blog\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security\",\"item\":\"https:\/\/www.names.co.uk\/blog\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Harden your WordPress security with these top tips\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/#website\",\"url\":\"https:\/\/www.names.co.uk\/blog\/\",\"name\":\"names.co.uk blog\",\"description\":\"Welcome to the names.co.uk blog where we talk about domain names, web hosting, online shops, website builders and lots of other cool web related stuff.  Stick around for offers and competition news too!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.names.co.uk\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471\",\"name\":\"Nathan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b849f2ae94026a2583ec808f66065701dbebe5ca9a87e51fab1269f2853c4a71?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b849f2ae94026a2583ec808f66065701dbebe5ca9a87e51fab1269f2853c4a71?s=96&d=mm&r=g\",\"caption\":\"Nathan\"},\"description\":\"Nathan has been with team.blue since 2005. Now working as a Marketing Executive, he spent many years in the UK contact centre, interacting directly with customers and working through any problems they may have. He is passionate about helping small businesses find the best product to help them succeed online. In his free time, he can often be found on a train travelling around the beautiful British countryside, or curled up on the sofa reading a science fiction novel.\",\"url\":\"https:\/\/www.names.co.uk\/blog\/author\/nathan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Harden your WordPress security with these top tips","description":"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/","og_locale":"en_GB","og_type":"article","og_title":"Harden your WordPress security with these top tips","og_description":"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.","og_url":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/","og_site_name":"names.co.uk blog","article_publisher":"https:\/\/www.facebook.com\/namesco\/","article_published_time":"2019-03-28T09:40:29+00:00","article_modified_time":"2019-03-28T09:43:37+00:00","og_image":[{"width":1314,"height":536,"url":"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png","type":"image\/png"}],"author":"Nathan","twitter_card":"summary_large_image","twitter_creator":"@Namesco","twitter_site":"@Namesco","twitter_misc":{"Written by":"Nathan","Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#article","isPartOf":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/"},"author":{"name":"Nathan","@id":"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471"},"headline":"Harden your WordPress security with these top tips","datePublished":"2019-03-28T09:40:29+00:00","dateModified":"2019-03-28T09:43:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/"},"wordCount":576,"image":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage"},"thumbnailUrl":"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png","articleSection":["Security","Tips &amp; Tricks"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/","url":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/","name":"Harden your WordPress security with these top tips","isPartOf":{"@id":"https:\/\/www.names.co.uk\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage"},"image":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage"},"thumbnailUrl":"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png","datePublished":"2019-03-28T09:40:29+00:00","dateModified":"2019-03-28T09:43:37+00:00","author":{"@id":"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471"},"description":"WordPress security - everyone is talking about it, but why? We take a deeper look at the likely causes of a WordPress hack and how to protect against them.","breadcrumb":{"@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#primaryimage","url":"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png","contentUrl":"https:\/\/www.names.co.uk\/blog\/wp-content\/uploads\/2019\/01\/Capture.png","width":1314,"height":536,"caption":"Website downtime"},{"@type":"BreadcrumbList","@id":"https:\/\/www.names.co.uk\/blog\/harden-your-wordpress-security-with-these-top-tips\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"names.co.uk","item":"\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/www.names.co.uk\/blog\/"},{"@type":"ListItem","position":3,"name":"Security","item":"https:\/\/www.names.co.uk\/blog\/category\/security\/"},{"@type":"ListItem","position":4,"name":"Harden your WordPress security with these top tips"}]},{"@type":"WebSite","@id":"https:\/\/www.names.co.uk\/blog\/#website","url":"https:\/\/www.names.co.uk\/blog\/","name":"names.co.uk blog","description":"Welcome to the names.co.uk blog where we talk about domain names, web hosting, online shops, website builders and lots of other cool web related stuff.  Stick around for offers and competition news too!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.names.co.uk\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/c4a24823b87b0d365a83bb36d095d471","name":"Nathan","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.names.co.uk\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b849f2ae94026a2583ec808f66065701dbebe5ca9a87e51fab1269f2853c4a71?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b849f2ae94026a2583ec808f66065701dbebe5ca9a87e51fab1269f2853c4a71?s=96&d=mm&r=g","caption":"Nathan"},"description":"Nathan has been with team.blue since 2005. Now working as a Marketing Executive, he spent many years in the UK contact centre, interacting directly with customers and working through any problems they may have. He is passionate about helping small businesses find the best product to help them succeed online. In his free time, he can often be found on a train travelling around the beautiful British countryside, or curled up on the sofa reading a science fiction novel.","url":"https:\/\/www.names.co.uk\/blog\/author\/nathan\/"}]}},"_links":{"self":[{"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/posts\/14589","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=14589"}],"version-history":[{"count":3,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/posts\/14589\/revisions"}],"predecessor-version":[{"id":14595,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/posts\/14589\/revisions\/14595"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/media\/14183"}],"wp:attachment":[{"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=14589"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=14589"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.names.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=14589"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}