I spoke a bit ago on WordPress hacks and security. I’d like to address the same topic very quickly and simply here.
In my years of experience I have noticed that the number one thing that causes WordPress sites to get hacked are outdated plugins and themes. People would save themselves a whole lot of headache if they would simple follow these following rules:
- Don’t keep any plugin/theme, etc., that you aren’t actually using. It will get out of date and, even if it’s deactivated, hackers can still exploit it. Delete anything and everything you can afford to get rid of.
- Be safe and smart on your plugins/themes. Feel free to try out anything you want but, when you’ve decided which ones to keep, be sure to keep them up to date with the latest versions as they come out. (Of course this means keeping WordPress itself up to date too)
That’s the simple checklist… Only two things. And if you can do those two things, you’ll find yourself a lot more likely to be able to keep your site running safely and happily.
With that said there has been one other major issue that I’ve seen causing hacks lately, and that is: insecure passwords.
Please save yourself the trouble by going through and updating your passwords now. Make sure the password to your hosting account, your email addresses, your FTP accounts, etc., and especially to all your WordPress sites (and non-WordPress sites if you have any) are all strong, secure passwords.