WordPress, the world-famous content management system that powers around 27% of all websites in the world, is a constant (and sometimes easy) target for hackers.

Vulnerabilities like the SQL-Injection (detected by security analyst Anthony Ferrara) present a serious threat not only to the site itself but also to any visitor. Attacks under what’s known as “drive-by malware” are occurring at an increasing and alarming rate and it is the website’s administrator sole responsibility to keep his/her websites patched and secured.

We recommend some basic but effective ways to protect your WordPress website:

  • Install and properly configure an SSL certificate
  • Login to your WordPress Dashboard frequently and make sure all the Updates are being installed (WordPress core, themes and plugins)
  • Install security plugins that monitor and report your site for attacks and intrusions – we like and recommend Wordfence.
  • Host your site with a reputable and professional hosting company and make sure you ask all the questions you want about what do they do on their end to keep your site safe.

These are the bare minimum precautions any website admin should follow to keep the website secure; there are more in-depth and proactive measures but taking these first steps would definitely give you an edge and create the habit of cyber security awareness.