Screen Shot 2013-04-12 at 2.20.58 PM

WordPress Hacking Running Rampant- THIS Will Secure You!

At A Real Change, we strive to keep everyone safe and inform people when we find new breaking information that involves the security of your website and your business!

There have been an increasing number of threats that involve “brute-force” attacks on tens of thousands of WordPress-centered websites. This can be very scary and has led us to find a solution to recommend to our client.

Now before I talk about the solution below called “Wordfence Security” I want to re-iterate some very important Internet security practices, and if you haven’t done any of them recently, I would strongly suggest you do right away, and then proceed to install the program below!

  1. Change your WordPress login password once every 90 days, and make sure it’s secure. You can generate a secure password for yourself here: http://www.pctools.com/guides/password/
  2. Take the same precautions with your FTP/cPanel login passwords! Can’t stress this enough. If a password is unsecure and sitting in cyberspace for a while, it can (and eventually will) be hacked! Change up your passwords!

Now that we got that out of the way, meet our new friend, “Wordfence Security” (and YES, it is FREE. There is a pro version with some cool features as well for a very low fee) – you can install it through your WordPress plugins panel or by visiting http://www.wordfence.com

To keep things very simple for you, I would strongly suggest installing this plugin to each and every one of your WordPress websites. It is a free “anti- malware-nasty-stupid-dirty-virus-stopper” plugin that is extremely easy to install and use! Once you install the plugin, it will take you through a “startup tour” and can become your best active line of defense on your WordPress blog site to keep hackers out and viruses from being planted on your website by alerting you if any attacks take place! We just got done installing it on all of our sites without any issues, so that means it’s easy to do even on a very established website!

There are MANY confusing options you can set on the plugin after it’s installed, but there was really one section that I really cared to change from the default install settings (I would do your own research on the plugins features to see what works best for you). Under the options section of the plugin where it says, “Scans to include” I would put checkmarks on everything except the one that says “paid members only” (unless you paid for a pro version, of course).

wordfence

Then when your ready, go to the scan page, and click “SCAN” and wait! Don’t freak out by EVERYTHING that it tells you, the main things to worry about are any RED “X” Alerts like this one:

Wordpress security 

Generally, anything that is an issue on your site that needs immediate attention will be listed in red, so make sure to fix those issues by either updating a file, plugin, theme, deleting a bad file (be VERY careful when doing this if you don’t know what your deleting, ask your web developer), etc.

This isn’t anything to lose sleep over, but it does require immediate action to defend yourself, kind of like “changing the locks” on your house. The best way to do so and be proactive with these security issues is for you install “Wordfence Security” today!

You can install it through your WordPress plugins panel by searching for “Wordfence Security” or by going here and downloading it!

http://www.wordfence.com/

 We're here to serve you!

Jeremy Krakowski

Media Director at A Real Change

Jeremy Krakowski