If you’re reading any tech news, you know that WordPress has been subject to a number of hacks and security issues in the last few weeks. Being in the limelight as one of the most popular CMS’s available puts it into the target scope for hackers.

Hacking happens, that is true. But most of the time, hacking can be avoided by making yourself a more difficult target. Here are a few tips you can do to keep your site more secure.

Update, update, and more updating

This is the biggest cause for insecurities. WordPress and its plugin developers are very serious about security and release updates to fix them on a regular basis. If you do not update your site, you are making yourself a target for hackers by not taking advantages of these known fixes. Insecurities will happen. Updating covers you from the majority. Nearly every case of hacking I’ve seen has involved an outdated website.

Avoid WordPress Hacks

Strong Passwords and Username

We know memorizing passwords is hard. Nonetheless, having every single password be your birthday is just asking for trouble. Passwords should never contain dictionary words, should contain a number or extra character and should not be repeated. This is good practice and is not limited to WordPress.

Along the same lines, make your username something other than admin. This provides another layer of security besides your password. There have been instances in the past of WP sites being hacked using the username “admin” and common passwords because they were not unique enough.

Avoid Free or Cheap Premade Themes

On occasion, a free or remade theme can be prepackaged with malware! Even if it is not, they are less likely to be secure and contain quality, secure code. If you must purchase a theme, buy from an established, reputable company. Make sure to read the reviews for the theme you want, as well as other themes they sell.

Viruses on your Computer

If you computer is infected, your WordPress site can be as well. If anything you own or any service you use has been hacked recently, you should change all passwords everywhere to be on the safe side. Run a virus scan on your computer as well to start with a fresh clean slate.


When you are on a shared hosting account (and most of you likely are whether you know it or not), one insecure site can be hacked causing all the sites on that shared server to be hacked. Don’t just choose the cheapest or even the free hosting. Choose a server that is reputable, that is doing scans for malware themselves and that can help you if you do get hacked.

If you can get a managed server, that is even better. Many of the reputable hosting companies will force update plugins known to be insecure and notify you after. It’s nice to have someone looking out for you!

These simple things will strengthen your site and you should avoid being picked off as an easy target for hacking.

Read a list of known hacks that are happening right now.