WordPress is a most popular Content Management System (CMS) platform for single blogs to large business portals. Today, WordPress is powering over 75 million websites. However, with growing popularity comes with growing dejection. Web-based malware attacks have gone up by 85% in 2016-2017 and since WordPress is a most popular platform it gets more suspicious attacks.

We have faced many instances where our client’s websites have faced vulnerabilities such as SQL injections, PHP code injections & Javascript Malware injections. As a WordPress user how can you protect your website from these injections?

Here are few steps to get started…

1. WordPress Update

Most common attacks/injections happen because of outdated WordPress files or plugins. WordPress has a very great and strong community; as-soon-as, malware is detected, it gets plugged. So it is first basic step to stay updated.

Important Note: Before you update your WordPress version, do take a backup of your website files and database separately. For more information, feel free to contact sharat ’@’ riacube.us

2. File and Folder permissions

Go to your cPanel and set the File permissions to 644 and folder permissions to 755. Files with 777 permissions are ready to welcome hackers to set-up malware base on your website.

3. Make ‘USERNAME’ harder for the hackers!

WordPress lets you give admin access to other user accounts. So, use a unique username instead of ‘admin’ as username for login.

4. Change wp-config.php file location

This is another file which is mostly affected by attackers and by default it is located at your_host/wordpress/wp-config.php. You can move it to the root directory i.e your_host/wp-config.php. This way, you actually befool hackers, b’cos they can’t search your file location, un-till they are in-side your system.

5. Themes and Plugins

Be aware of pirated themes and plugins. Always use themes from trusted sources. These pirated themes and plugins usually contain spam bots which can harm your website. Also, in worst case – they can steal your critical information.

6. Secure Server Connections

HTTPS is most secure way of transacting online. Use sFTP or SSH instead of FTP. Keep your website secure with SSL certificate, it’s not that expensive with us. Check our SSL Certificate page for more information.

7. Regular Backups

As the old precept goes, prevention is better than cure. We surely suggest premium backup solution which can take full & secure backups of your site regularly after a given interval of time.

So, Secure your website and protect yourself from these malware attacks.