OMG, my Website is Hacked, What to do?
In this era, if your website is getting compromised or hacking by Hacker frequently. You can keep your WordPress website harden by using the following steps:
- Upgrade your CMS version, themes and plugins to latest version to secure the websites from known vulnerabilities.
- Set strong website admin panel password, email account and change the password regularly.
- Do not store unnecessary files online
- Avoid having directory/files with 0777 permission.
- Scan your local system with a good antivirus.
- Change the email account password immediately.
- Don't save the password in any mail client or in browser the
- Scan the local machine (email configured system) for any malware or viruses.
- Keep updating the operating system and the antivirus program with the latest patches.
About Security Plug-ins:
There are many security plugins available for WordPress that provide a wide range of security and hardening features. There are four types of security plugins, it's important to differentiate between them because each is designed to solve different problems.
- Prevention: Help in protecting your website to be hacked. They often include some form of Firewall solution.
- Detection: Identify and notify if something is off and requires further inspection. This can come in the form of scanners and integrity checkers.
- Auditing: Track and maintain an active log of all the activity on the site (i.e., track logins, changes to themes and plugins, updates, etc..).
- Utilities: Provide a suite of options designed to empower the user to make security-focused changes to their installation
As you think through your security posture and look to integrate a security plugin, consider what you are trying to achieve and how that plugin helps you to achieve that goal. A few more plugins are wp-security-scan, WordPress-firewall, ms-user-management, wp-maintenance-mode, ultimate-security-scanner, wordfence etc.
How to harden WordPress Website:
The hardening a WordPress installation are shared at http://codex.wordpress.org/Hardening_WordPress
Different Types of Security Plugins:
Offers a wide range of security features - http://wordpress.org/plugins/better-wp-security/
Protects your site via .htaccess - http://wordpress.org/plugins/bulletproof-security/
Adds a firewall to your site - http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
Scans your site for malware etc - http://wordpress.org/plugins/sucuri-scanner/
Full-featured security plugin - http://wordpress.org/plugins/wordfence/
Comprehensive security tool - http://wordpress.org/plugins/websitedefender-wordpress-security/
Exploit Scanner - http://wordpress.org/plugins/exploit-scanner/
If you wish to harden your WordPress website, you can also drop an email at our Support Center, we would like to assist you.
Source URL: http://codex.wordpress.org/Hardening_WordPress