利用者:OdenO'connor593
I simply discovered that certainly one of my older domains which I scarcely use anymore but nonetheless receives trickles of traffic from time to time and with it a number of affiliate sales per month had been hacked. All the files have been deleted, and just what was worse was that when I investigated the site I discovered that I hadn't backed up the database in quite a while. Well, i urge everyone to celebrate and recognize today as WordPress Safety Day beside me by using these 4 WordPress security tips.
Backup
I hadn't supported that site which got hacked in more than a year. This really is inexcusable considering there are lots of free plugins which allow you to schedule backups. I could not even look for a recent backup from my hosting provider whom I set the database track of, either.
I suggest that you simply use a backup plugin such as WP-DB-Backup. It's a free plugin and something of my best WordPress plugins for 2012 which while it was not updated in awhile it gets the job finished for the reason that you can choose the precise files that you simply wish to back up and only create backups on demand or you can schedule them to be emailed to you once every hour, day, week, etc. so you are aware any time you've any issues (security or technical) together with your site you will have that backup.
You may also backup your site using your hosting/database provider and it's a good idea because copying your database means copying all of your posts, pages, plugins, and preferences. I suggest that you simply go ahead and backup all your sites now.
Update
I know it can be annoying to get bugged by WordPress to update to the latest version every week or so, but WordPress updates are paramount to the security of the site. Hackers are always looking for ways to compromise WordPress' security and discover a way to enter into your site for his or her own amusement or gains, and that's why it is important that you simply remain up-to-date with WordPress' updates because they create these updates in part to fix compromising errors and holes within their security that could be exploited.
Permissions
You should limit the permissions for your various files and folders which make your site whenever possible yet still be able to operate and performance properly. You are able to alter the permissions to see, write (meaning read and write), and execute (which describes read, write, delete, change) your files and folders in relation to you, an organization, or everyone. The less permissions you can allow, the greater secure your website will be, but certain plugins which require access to certain files won't be able to unless they have permission.
Password
Finally, remember to change your passwords every so often. It's a good habit to get involved with recording your passwords for your login, database, etc. and updating them each month or so if at all possible. And you've probably heard this thousands of times from anyone you retain passwords with, but avoid simple to crack identity related passwords. A great password is comprised of numbers, letters (upper case and lower), and symbols.
I recommend putting all your WordPress login URLs of your various sites into one bookmarked folder in your browser to be able to open all of them at the same time and don't forget to backup, update them, restrict your permissions, and alter any passwords once a month, even the ones which you rarely used anymore.