WordPress websites are one of the most used Content Management Systems on the web. They are also one of the most attacked Content Management Systems on the web! Hackers are constantly trying to find loopholes or backdoors to gain access to your WordPress site with the intent to insert code within your theme to link to their sites (most cases). In most cases people don’t even know their sites have been compromised, you can’t see it and it the hacks are hidden in old theme files, image files or wherever they hope they will not be detected.
There are many security plugins that you can install in your WordPress site. My favourite is Wordfence Security.
It is easy to install and set up.
Go to Plugins Add New
In the search field type Wordfence Security, then install.
You will be prompted to type in an email address to send notifications. This is how/where Wordfence will notify you if there are any alerts on your website.
Then Click Wordfence from the left side of the WordPress dashboard and select Options.
These are the default selections when you install Wordfence.
The Alerts let you know when there is any activity on your site. These are important especially when there is a global attack on websites. You will know when a hacker is trying to sign in and what admin user id they are trying to gain access with.
Now sometimes this can be a bit of a nuisance as repeated emails get sent to your inbox. But it is important to monitor and make sure they aren’t using a correct administrator user id.
The login Security Options I set really tight so that once a hacker fails 2 times to gain access, they are locked out for 60 days.
Click save to save all your changes.