Just in case you haven’t heard about this in the news, there’s a nasty flare of attacks on WordPress and Joomla sites going on.
Things you can do:
- If your login password is admin – CHANGE IT NOW!
- Likewise, beef up your password. Really, make it un-guessable.
- Install something to slow down a hacker trying to guess their way into your site. Limit Login Attempts is a handy security plugin that does just what it says. (though this isn’t totally foolproof)
- Keep your WP install up to date.
- Find out if your hosting company is doing anything to help prevent attacks.
- Read and follow the advice in the Hardening WordPress documentation.
I’ve been lucky so far, despite some attacks, no one has managed to get into my sites. Â Colleagues with sites that get far more traffic than mine have also reported attacks, but have been safe so far.