Unfortunately, attacks on popular web applications of publishing solutions such as WordPress are normal. In particular, attacks against security holes in WordPress are very common. However, with simple grip grips you can greatly increase your safety. For checking the site you can make use of 토토
먹튀. Here’s what we recommend to all our customers:
Keep your publishing solution (WordPress) up to date
WordPress itself has an automatic update routine on “smaller versions”. If your site says there are new updates for WordPress backup, update extensions, themes and WordPress itself.
Table of Contents
Keep your extensions and themes up to date
If you use third-party extensions or themes, and they cannot be easily updated, check for alternatives – you won’t have to pay expensive for your site security.
Use only themes and extensions you absolutely need
- Delete any themes and extensions you don’t use (the theme / extension is still available even if only disabled).
- Protect the administration area with 2-factor authentication.
- You can use hardware solutions (something similar to the online banking key code generator), or software-based authentication solutions).
- This will make logging attacks against the website considerably difficult.
- Use a password that will not be easy to guess.
- One of the most widely used passwords in the world is “1234” – which is a lot harder (use a phrase if possible).
We recommend creating passwords that contain both lowercase and uppercase letters, special characters and numbers, or parts of a phrase only you can connect to your site.
Here’s how we protect your site in WP-Hosting
We are watching closely for new security alerts that emerge regarding errors / omissions / attacks against WordPress. We check various external forums, email lists and websites every day that deal with WordPress solutions and WordPress security. Internally, we also constantly check our own systems so we can quickly identify and block attacks.
Whether we see a security hole or an error occurs due to possible attacks we have the opportunity to create our own set of rules for our servers to protect you as a customer.
Modsecurity logo
For example, we protect your site from the following attacks with the server rules we use (these are just some of the attack vectors we protect you from):
- SQL Injection (injection of SQL data that is normally not valid for the site).
- Remote inclusion of files (resource loading from another site).
- Local file inclusion (often used for further attacks on security holes – these are usually attempts to read files and bypass login / access lists).
- XSS (cross-site scripting).
- And more generally: most of the known security holes in WordPress and popular extensions.
- Our goal is to ensure that you are protected as well as possible and still experience our service as responsive and functioning.
- Important: Although we always respond as quickly as possible, we cannot guarantee that your site is 100% protected at all times against the latest hacks / exploits.
It is therefore important to follow the recommendations in keeping the “surface of attack” as small as possible (see paragraph 3 above).