If you recall, last week I reported that there has been a recent onset of WordPress sites being hacked. If you missed that, now might be a good time to give it a quick once-over. (hurry back!)
For the most part things have slowed down, but a slightly lower-level attack has been aimed at popular WordPress plugins, like WPSuperCache and W3TotalCache. I used to use those but quit quite a while ago. I was having conflicts and they interfered and slowed down progress when I was making changes on sites.
Keep Up To Date!
The easiest thing you can do to help protect your site is to make sure your software is always running the most current version. WordPress makes this easy for you. Once you login to your admin area, if any of your plugins, themes, or even WordPress itself has a newer version available, you will see notifications to let you know. Go ahead and click on the automatic update links and buttons and WordPress will do all the work for you.
Keep A Clean House
If you’ve got any themes or plugins on the site that aren’t active, delete them. If you’re not using them they’ll probably get ignored and you won’t be concerned about making sure they’re updated.
Is Admin Your Username?
If it is, it’s time to change your identity! I know, you’re thinking, “But WordPress doesn’t allow you to change your username!” That’s true, but there’s a way you can get around that.
How to have a different username:
- Login to your admin area and go to Users > Add New.
- Create a new user account for yourself with a new username and password that you’ll want to use. The only thing you’ll need to remember is that you’ll have to use a different email address than the one that’s used for your old account. (If you want you can just put in any email address for now, then switch it back to the one you were using on the old account)
- Logout of your admin area.
- Login using the new account you just created.
- Go to Users > All
Okay, make sure you pay attention here because you don’t want to lose all the posts you’ve created with your old account!
- Delete your old account. (scary, right?!)
- You will be prompted, asking if you want to delete all posts associated with that account or transfer them to a different account.
- Select the transfer option and select your new users account to assign all the posts to.
- Then confirm the deletion of the old account.
That’s it, you’re done. Go very slowly through those last four steps to make sure you don’t lose all your posts!
Well, hopefully this information will save you the headache of having your site hacked, and the cool thing is it’s all easy stuff to do!
You might want to take a look at the post I wrote last week. There are some more valuable tips there.