HOW TO STOP HACKERS & SPAMMERS ON YOUR WORDPRESS WEBSITE?
Would you like to stop hackers and spammers from attacking your website? Of course you would. But how can you do this without incurring additional costs, messing up your website or getting overwhelmed with a list of things you are not able to do?
Well, there’s hope. In a nutshell: Implement security checks and install security plugins.
On this page, I will explain what to do, how to implement the security measures and walk you through the exact steps that you can take to make your website security rock solid.
How to Implement Security on Your WordPress Website
To summarize, here’s a short list of helpful tips to get you started:
- Ensure your web hosting provider is trusted & secure
- Use strong passwords for your logins
- Make use of trusted themes & plugins
- Install an SSL certificate on your website
- Turn comments off if you don’t use or need them
- Install trusted anti-spam plugins
- Activate security plugins
- Get further professional assistance for more in-depth security measures
- Backup your website often
Now let’s take a deeper dive into how to achieve these steps.
- What is the First Step to Take When Securing a Website Against Spammers & Hackers?
- Why should You use Strong Passwords When Securing Your Website?
- What Themes and Plugins Should You Be Using to Keep Your Website Secure?
- How to Get Your Website to Display as a Trusted Site to Increase Your Website’s Security?
- Why You Should Turn Off Comments on Your Website?
- What Additional WordPress Plugins Can You Install To Limit Spam On Your Website?
- How To Find which Security Option is Best To Monitor and Secure Your Website?
1. What is the First Step to Take When Securing a Website Against Spammers & Hackers ?
First thing first is to either use a trusted and secure hosting provider or if you are currently hosting with a service provider of which you encounter continual hacking and spam and have tried all measures to overcome these, then best is to switch over to a more trusted hosting provider. Get in touch with DT Web Designs to guide you through this process.
There’s nothing worse than ensuring your website is updated and secure and putting allot of effort into it, only to find that the service provider through which your website is hosted is unsecured and vulnerable to hacking and spam.
2. Why should You use Strong Passwords When Securing Your Website?
The stronger your passwords, the least threat of hackers gaining access to your wordpress admin area. If you have a weak password, then no worries, simply change it to a stronger password by logging into your wordpress admin or backend area, then click on ‘Users’ on the left hand column and look for your user name and click on edit, then go ahead and change your password. Don’t forget to save or update – easy stuff!
3. What Themes and Plugins Should You Be Using to Keep Your Website Secure?
Using different wordpress themes and plugins can cause vulnerabilities, especially themes and plugins that have a low review and low star rating. Best is to research each theme and plugin before installing. In our quest to keep costs as low as possible when setting up or upgrading a wordpress website, the use of either free or cheap themes and plugins cause all kinds of chaos and security threats to websites nowadays.
4. How to Get Your Website to Display as a Trusted Site?
Firstly install an SSL certificate on your website. The SSL certificate displays your website as a ‘trusted site’ and Google and your viewers really like this. An SSL certificate is represented by a small padlock icon at the extreme top left of your website URL address and has a ‘https‘ followed by the ‘www…..yoursite.com’ for example, immediately after the icon. The SSL certificate can be obtained from your hosting provider and can either be installed by them, or you can manually install it yourself, however knowledge in doing so is required. DT Web Designs provides this service and provide the certificate free of charge when hosting with us. Get in touch with us for assistance.
5. Why You Should Turn Off Comments on Your Website?
If you don’t require comments to be made on either your entire site or on all pages or specific pages, here’s what you can do. In your WordPress admin area, head over to ‘Settings – Discussion’ and simply untick or deselect the following “Allow people to post comments on new articles’ – see below screenshot with the option underlined in red for easier discovery.
Next, click on ‘Posts’ or ‘Pages’, both seperately if or where necessary. Let’s say you clicked on ‘Posts’, now in the list of posts that appear, with your mouse, hover over the title until you see a few options. The option you want to click on is ‘Quick Edit’. Once the drop down on the quick edit appears for that post, ensure that ‘Allow Comments’ is unchecked or deselected. See screenshot below as an example of where to find this:
Note that some themes can also include comments selection at the bottom of each page or post, so in the edit page or post pane, ensure you scroll right down each page to ensure there is no additional setting there to turn comments on and off. Don’t forget to look on bottom left and extreme right to ensure there are no additional comment control settings that need to be turned off.
Another one to look out for is if you click on ‘Appearance – Customize’ and once that page is displayed, inspect each of the settings there to inspect if comment control has also been placed there and ensure it has been turned to ‘off’ or deselected.
6. What Additional WordPress Plugins Can You Install To Limit Spam On Your Website?
Before doing this, backup, backup, backup! There are a number of either free or premium (paid for) stop spammers or anti spam plugins available. For example click here a good free plugin that you can add to your plugins and render the settings accordingly
These plugins will also add that additional anti spam control to your website. However once installed, good practice is to test your website to ensure that each new plugin doesnt conflict with your website admin or frontend settings. Some plugins, even with a good rating and trusted can conflict with other themes and plugins causing all sorts of issues.
If you find that your website is not functioning well after installation of any plugin or theme, then either deactivate the plugin from the ‘Plugins’ list or if your wordpress admin area is totally blank then either login via the FTP or Cpanel and search under ‘File Manager – WP Content – Plugins’ and just delete that plugin that is causing the issues. Then head back over and refresh your wordpress admin area and you should have full access once again. If you are really stuck and in a flat panick! then don’t worry help is always available either through your hosting provider or get in touch with us at DT Web Designs.
7. How To Find which Security Option is Best To Monitor and Secure Your Website?
WordPress provides a number of excellent, effective and trusted security plugins for you to choose. A good security plugin to consider is iThemes Security
This comes in both a free and a premium (paid for) option and provides auto security threat notifications and security recommendations, so you are kept up to date with activity on your website. Another useful function is to install a plugin that limits login attempts on your wordpress admin area, one such option to consider is Loginizer.
There are many security options to choose from and you can also contact your hosting provider to assist with further security options to harden the security on your website, alternatively get in touch with DT Web Designs for more indepth security solutions.
Getting your website to be secure is well worth the effort and will take a bit of time to implement the necessary changes.
But the time you spend investing in securing your website is a must nowadays. Hackers and Spammers are always on the prowl to mess up all your hard vested time and money on your website.
So, now you know what to do to secure your wordpress website. Don’t delay and regret that you didn’t take the necessary steps to ensure your website is bulletproof against spammers and hacker attacks. Feel free to get in touch with DT Web Designs for any additional assistance.