I got hacked ... again.
I love WordPress.
I use it on many sites, but I get hacked every now and then.
It usually happens on sites I haven't visited for a while and could be slightly outdated.
This is the first in over two years.
My security on my sites is reasonably strict, and it has protected me for many years, but I've been notified that one of my sites has been hacked.
What I hate about being hacked is that I will now have to spend several hours cleaning up the site and putting more barriers in place.
WordPress is a hacker's target.
They share info constantly about the best ways to hack WordPress sites, and most of them are too simple to break into.
Far too many WordPress sites have a user with the username of Admin.
That's the first thing I change.
The second thing I change is the password, for which I use the rule of a symbol, the domain name (in CamelCase) plus a 4-digit number, and I end with another symbol.
The thing about passwords is that a hacker has to guess the whole password.
They cannot crack part of a password because it's all or nothing.
You can use any pattern you like if you have a symbol, one uppercase letter, one lowercase letter, and a number.
Make it 14 or more characters long, and you'll have a great password.
But nothing is uncrackable.
All you are attempting to do is make it hard enough that it's not worth the effort and time to hack your site.
With my recent hacked site, I'll have to change the password anyway, so I'll check that it's better than the one that exists now.
Other steps you can take are to use the WordFence plugin and use CloudFlare for your SSL tool.
Both are free to use for unlimited sites.
Regards,
Brent.
P.S. Cracking or hacking WordPress sites isn't the way to profit long-term.
Cracking the code to make money online does not need any particular skill.
You can gain the minimal skills required here https://go.wm-tips.com/sr-list.
~ end ~