Since early April 2013 WordPress security has been under attack by a “botnet”, which scours the Web seeking unprotected WordPress installs that it can plunder and take over. This attack has used more than 90,000 different computers to access more than 60 million sites online!
The purpose of these attacks is to infect your computer, and enlist it into a network of compromised sites. This can be used for many purposes, including sending spam email, denial of service attacks, spreading viruses and malware, and even more nefarious intents.
Who has this “BotNet” targeted and what exact can I do about it?
So far it has mainly concentrated on WordPress installs where users have neglected to change their default username from “admin” to something more unique.
The program then guesses the password using software targeting common password combinations. It’s a fairly good bet that people using the default username are just as likely to use a common password. (123456 ring a bell?)
How to Easily Enhance Your WordPress Security (Without Doing Too Much Work At All)
Obviously, one of the primary ways to secure your site is to use secure login credentials. Change your username to something that is not the default setting, and use best practices when it comes to setting passwords. This means using combinations that aren’t guessable, usually including upper and lower cases, numbers and letters, and special characters.
Also, be sure and change your passwords on a regular basis. You may have heard this advice before, but it’s what you need to do! This is easy to do, and one of the best WordPress security practices you can accomplish on your own.
Making WordPress Backups of Your Site
Now more than ever it’s absolutely essential that you make WordPress backups of your site. The easiest way to accomplish this is through the use of a WordPress backup plugin. They are easy to install, and can back up your sites automatically, with no extra action needed by you.
Make sure that you schedule backups at least once per month, and that your WordPress software install is up to date. Consider WordPress cloning so as to have a complete replica of your site in the event you need it.
Many people depend on their web hosts to back up their sites, and I’m sad to report that this isn’t a good idea. Webhosts, particularly with shared hosting, often let things slip through the cracks.
Don’t let your site be one of them! Go to www.backupcreator.com to back up, clone and secure your WordPress site right now before anything happens to it.