Make Your WordPress Site Security A Priority

wordpress-security Happy Canada Day to my fellow Canadians – the sun is shining, the water on the river is sparkling and my kayak is beckoning – it’s a great day.

The last week or so has been somewhat of a challenge though. This blog was so thoroughly hacked that we had to take it down for several days while it was passed over to an expert to clean all the nasty code out of the files. I am indebted to Regina Smola of WP Security Lock for fixing all the nasty stuff and creating a much more secure environment for all my sites. I wish I had given more attention to security issues from the outset but I’ve learnt a lot over the past few days that I want to share.

WordPress is such a great platform for a vacation rental web site and I’ve been promoting this for quite a while as the best DIY solution. However, I’ve not focused on the security aspects of setting one up, as it was never at the forefront of my mind. After all, why would anyone want to hack my little site? After talking with Regina I appreciate now that the size of the site doesn’t matter one jot to hackers – everyone is at equal risk – and the only way of avoiding the risk is to set up solid security measures right at the start.

I’m hoping to get some interview time with Regina next week to get a few tips for my readers, but to kick off with, take a look at this video post on her blog covering password security. Changing all my passwords was the first thing I had to do, and it made me realize how sloppy I’d been across the board with using a core password and variations on it. It seemed clever at the time, but I now realize how naïve I’d been.

Now I’m more security conscious and am seeing these precautions as less ‘boring’ and more of an absolute necessity. I’ll be posting more on the topic in weeks to come but would be interested to hear of any experiences readers have had, or if this post is a call to action for you.

Image by Peter Foret on Flickr

John Hobson

Heather, it’s important to realise that the effects can be long term too and are not restricted to WP sites.

In my other life I am a management consultant and had established a (non WP) web site back in 95 that held the Google #1 slot for the principal keywords of my speciality for many years. One day earlier this year someone hacked the site and filled it with porn / drug ads. Google delisted it before I realised and although I am now back in Google I am not even on page 1. The impact on page hits has been disastrous. This is NOT a minor event when it happens to you is it!

Regina Smola

Hi Heather,

Thanks for sharing your story about what happened to your WordPress site and how important security is. I was glad to help and look forward to doing a interview with you.

Comments are closed