WordPress has been always targeted by hackers because of its known vulnerabilities. These vulnerabilities does not limit only to WordPress core files but, most of the times, are the outdated plugins and themes. Securing your WordPress website takes time and should be done in a recurring process. Here are the steps you should take to protect your WordPress.
1. Harden the security of your WordPress.
This article from WordPress codex go through some common forms of vulnerabilities, and the things you can do to help keep your WordPress installation secure. Before proceeding to the steps below, I highly recommend that you follow all the listed steps in the article and execute them.
2. Install Wordfence
This plugin, available for FREE in WordPress plugin store, is a highly recommended security plugin for your WordPress site to help you secure your website. It offers multiple features such as scanning integrity of your WordPress core files, and as well as for malware vulnerable themes, plugins, etc. NOTE AND READ: Since this is a wordpress plugin, make sure you always update it.
3. Rename your wp-login.php
Another great plugin called Rename wp-login.php works to easily rename your wp-login.php which is highly targeted by spammers and hackers trying to get in to your WordPress. This plugin will rename your wp-login.php so you only you will know where to access admin dashboard. However, if you are using the WP comment system, the point of hiding the login page will make no sense because your commenters will have to login in order to comment. Thankfully, Shrewdies wrote a detailed guide to help us fix that.
4. Scan your website
After all the hard-work, you want to make sure your website is really secured. Sucuri SiteCheck provides remote scanning and will report to you if your website is free from malware, and other security flaws.
5. Stay up to date
Know the latest plugin vulnerability.Subscribe to Sucuri’s blog. Being the security firm that we trust, Sucuri’s blog are the most up-to-date when it comes to reporting vulnerabilities simply because… it is their business.
A recent vulnerability affecting WordPress website users using Akismet version 3.1.4 and lower have been identified by Sucuri.net. The vulnerability is about WordPress “Convert emoticons like and to graphics on display“, said Sucuri.net on their official Security Disclosure.
Update as Soon as Possible
If you’re using a vulnerable version of this plugin, update as soon as possible! In the event where you can not do this, please contact Jolly Works Hosting Support.
If you browse using Chrome or Opera, you may have come across times that the browser just displays an error message saying it didn’t load the page as it “Received No Data” and it asks you to reload the page (or in case of Opera, just shows the error message and nothing else).
The bellow mentioned fix doesn’t fix the issue 100%, but reduces the amount of times you face this problem!
Sign in to “Chrome” (the browser, yes) to save your bookmarks, passwords & other browser data. To sign in to Chrome, just open the options tab (located at the top right beside the address bar) and there will be an option to sign in.
Un-install Chrome (since you saved all your data, don’t worry you’ll get it back!)
Install Chrome from the Google Chrome site (it ensures you get the absolute latest version). Log-in to Chrome again to regain all your bookmarks & browser data.
Re-installing may remove the problem completely, but it will help reduce the amount of times this happens.
Your shared hosting account can only use a limited amount of system resources. If you are overusing resources on your hosting account, you should review your hosted sites to see if they match any of these common causes.
Storing large files or file collections
Improperly using your hosting account’s storage space
Sites that promote spamming
Letting anonymous users to spam elements of your website
Unrestricted or anonymous user creation
Letting anonymous users to create site content
Web scraping, indexing, and scanning applications
Hosting applications that scan massive amounts of external site data
Auto-blogging, article spinning, and SEO-inflation
Automating external content creation for invalid SEO purposes
Mass merchant affiliates and cloned websites
Cloning multiple external websites for invalid SEO purposes
Sending massive email campaigns through your web hosting
Outdated applications and add-ons
Hosting applications or plugins that are outdated and pose security risks
Other common causes
Hosting poorly scripted applications, hosting compromised sites, etc.
We are not able to support custom scripting or third-party applications. You can review these guides for general information, but ultimately you will be responsible for diagnosing, troubleshooting, and correcting any issues that can exist in your sites or applications.
Besides the common causes for resource usage, there are some additional possibilities that can contribute to overusing hosting resources.
Is this an issue for me?
Here are some common additional symptoms and causes of resource overusage:
Poor scripting and/or site optimization
Poor code quality in third-party applications, add-ons, and plugins
Websites or applications that have been compromised
Cron tasks or other automation that runs resource-intensive commands
How can I correct this issue?
You can try to correct excessive resource usage by following any and all of these steps:
Review code and error logs for possible loops, errors, or other bugs.
Keep all web applications, add-ons, and plugins up to date at all times.
Ensure that you are following good site optimization practices.
Review any cron tasks that can use additional resources.
Review all hosted content for possible compromise.
Implement additional security measures on your site, such as SiteLock.
Leave shared hosting and migrate to a VPS or dedicated server.
If you are still experiencing issues with resource usage, review your hosting for other possible causes at Common causes for resource overusage (Linux).
You will want to make sure that you are correcting the underlying cause to any resource issue. Simply removing sites and/or files without correcting the underlying issue can cause the problem to recur.