WORDPRESS SECURITY TIPS – January 2016
–> – Change Default ADMIN Username
Security is more important then ever if you are a lawyer and have a WordPress site. No doubt it seems like there is a constant threat of hackers trying to get into your site. Dont believe me? Setup the Wordfence Security Plugin and enable the Live Activity Feed and you will see an amazing amount of users or robots usually from other countries trying to access your site. So in order to keep them out you will need to follow a number of tips starting with these basic two.
#1- Remove ADMIN User ASAP and replace with other user…
The ‘admin’ username is the first guess the brute-force robot uses to try and gain access to your website because it is the default username when you install WordPress. Most site owners will change the default username during installation, but if you still have this username – remove it immediately. Create a new username, delete the ‘admin’ user, and WordPress will move all existing content to the newly created user.
From a security perspective, changing the default “admin” user name is one of the first and smartest things you should do on your site.
#2- Set ‘Display name publicly as’ so it does not match username –
Change this option in Users > Your Profile or from the Users > All Users dashboards to hide this data from future site crawls. The same brute-force robots will often crawl your site and copy author information. If you’ve set the ‘Display name publicly as’ option to match your username, the robot now has that information and will use it to try and break into your site.
When you submit a post or answer a comment, WordPress will usually display your “nickname”.
By default the nickname is set to the login (or user) name of your account.
From a security perspective, leaving your nickname the same as your user name is bad practice because it gives a hacker at least half of your account’s login credentials.
Therefore to further tighten your site’s security you are advised to change your nickname and Display name to be different from your Username.
WordPress Security for Lawyers
If you have a wordpress site, you must really make sure you protect it from hackers. Otherwise you risk getting hacked and having malware planted on the site, this is not a good thing. Worst case scenario, Ive seen sites totally ruined because of hackers. Thats why its key to make sure you have full backups that you can restore, this way if your site is hacked, you can always restore over the damage that was done usually. Contact us today for more information at 630-393-0460.
Why You Need WordPress Security Services
#1- To protect your legal website from hackers and malware
#2- To make sure your WordPress software and Plugins are updated
#3- To make sure your site is backed up on a regular basis
#4- To be able to RECOVER From Hackers and any Google Site Warnings about your site