Secure My WordPress
The three most common hacks and or techniques used in attacking WordPress website are:
1. Brute Force Attack – Using a password list a “bot” is designed to go to your wp-login.php page and simply guess what your username and password are. This creates an issue as your Website will run slower due to the heavy traffic, and your password might be on that list and the hacker will attain administrator access to your website.
2. SQL Injection – Usually a hacker will utilize a 3rd party plugin that has been installed on your Website to gain access to your entire database. Using access to your database the hacker is able to change any passwords, retrieve any emails or usernames and even credit card numbers if you are collecting them on your website.
3. Cross Site Scripting – This method we have noticed occurs when you are using a nulled/pirated copy of a plugin. A malicious code has already been added to a theme and or plugin. The code will auto-execute itself and will for example show p0rn ads, or advertisements targeting a specific product and or website.
These 3 methods seem to be the most popular way your WordPress setup might be compromised.
Secure WordPress Package Includes:
- Scanning of all current plugins installed.
- Setup capture and ban of brute force attempts.
- Firewall installed
- Malware/Virus scanner will be initiated.
- Login moved to another location
- Final Security Audit with Report
- NOTE: This package is for 1 WordPress Installation. Please further note that you are responsible for WordPress/Plugin Updates, we do provide WordPress Maintenance package that is completely separate service from WordPress Security. And if your WordPress setup has been hacked, we offer cleaning service as well.
- NOTE 2: The service above is included if you had obtained a website design from us. (As of May 2018)