Tag: wordpress hacking

WordPress Hacking. Articles with this tag include information to educate WordPress site owners about the chronic problemwith hacking attempts.

The core WordPress platform is reasonably secure. WordPress hacking vulnerabilities are typically found in plugin weaknesses, or poor site management practices. WordPress users should educate themselves on best practices for usernames (actual and displayed), develop strong passwords, do not share passwords, and change passwords at least once a year. It is a good idea to write your password on paper and secure it in an offline location. WordPress administrators should employ special WordPress security plugins such as Sucuri and WordFence. It is recommended to use the premium version of WordFence, and actively manage this plugin.

WordPress designers and developers should be familiar with plugins that are known to be secure, and avoid using weak plugins. Although now corrected, in 2014 the Revolution Slider plugin had a security vulnerability which allowed thousands of WordPress sites to be hacked.