Don’t be the easiest target for WordPress hackers.

What’s the best way to keep the WordPress hackers out?

Don't want to get hacked? Don't make it easy on them.

Don’t want to get hacked? Don’t make it easy on them.

WordPress hackers are usually bots (robots). They don’t really have personalities, they don’t really care what your site looks like or how much traffic they have. They just want the quick Smash & Grab.

If you leave your iPad on your front seat, you’re just tempting the thief.

I witnessed a guy looking through car windows with a flash light in the middle of the night (yes, I called the police). Most cars was just a quick glance. He knows exactly what he’s looking for, what it looks like, maybe even where in the car it usually is.

There was a pickup truck on the street with all kinds of stuff in it. He spent a bit of time on that one, looking through casually to see if there was something worth breaking the window for. I would venture to say that this is already more effort and thought than a WordPress hacker does when he’s going to break into your site.

The WordPress hackers is looking for the iPad on the front seat. He might not even need the flashlight for that one. Boom, smash, grab and run.

What’s the WordPress security breach equivalent of the iPad on the front seat?

Easy passwords are one. I’m no hacker, I don’t actually know how they do all this stuff. But I know they have bots that sniff and look for the easy way in. If they find it, boom, they’re in, do their business and move on. It’s nothing personal, just business (albeit shady, illegal and really annoying).

The latest version of WordPress has a built-in stronger password tool. So here’s a tip: use it.


About the Author:

I've done the big corporate thing. I've done the creative writer thing. Now I'm happily in the middle. I like to help small businesses who are interested in "working their website before their website works them." I'm also interested in creating beautiful sites with powerful WordPress themes. Google+


  1. Writing Every Day Beyond 1,000 Posts August 24, 2015 at 10:15 pm - Reply

    […] Don’t be the easiest target for WordPress hackers. (Aug 24) […]

  2. Ali S August 28, 2015 at 11:16 am - Reply

    Two other things for which hackers (or their automated bots) look…

    – out of date WordPress: it’s not uncommon for vulnerabilities to be found in the WP engine, and _especially_ in plugins! So it’s critical to keep one’s WP engine, plugins and perhaps even themes patched and up-to-date.

    – plain text passwords: if a hacker really wants to break into your site, they can perform a “man in the middle” or similar style attack to attempt to capture your password as you type it into the WP panel. Since most WP-based website do not use SSL (https) encryption for the admin interface, capturing one’s password in this manner is fairly trivial for a hacker. SO SET UP SSL for your admin pages! Better yet, enable SSL for your entire site, and you’re protecting not only yourself but your customer.

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Pin It on Pinterest

Share This