CurvePress

Suite of WordPress Services

  • Home
  • Member Login
  • CurvePress Services
    • WordPress Video Tutorials
      • Video Tutorial Library
      • Training Videos
    • Site Creation
      • Get a Website
      • Web Hosting
      • Make Your Site Blazing Fast
      • Promote Your Site
      • Protect Your Site
      • Move Your Site
      • Add Features to your Website
      • Our Work
    • CurvePress Fix-It Desk
      • File a Ticket for the Fix-It Desk
  • Blog
    • Testimonials
  • Contact
You are here: Home / Blog / Let’s be safe out there…

Let’s be safe out there…

May 6, 2013 by curvs 2 Comments

Is your WordPress site safe?

Might sound like a silly question, but it’s not.

If you have a site that is based on WordPress, your site has probably been under attack over the past couple of weeks.

You see, since around mid-April a lot of WordPress sites came under attack by hackers.  These hackers unleashed millions of “bots” (robots – software applications that run processes on the Internet).  These hackers have been trying to break in to your WordPress site.

Hacked-1024x344The most common user name for the owners of WordPress sites is “Admin” or “admin”.  Why?  Well, not only is it a logical name to use, but also many of the scripts (such as Fantastico) use Admin ad the default administrator username when they set up WordPress for you.  The hackers who set up these bots know that admin is the most common username, so they send out the bots to try to log in to WordPress sites using admin as the username, and they choose common passwords, to see if they can easily get into your site.

Now, first thing is that if you are not using “admin” as your username, these bots would immediately move on to other sites.  For passwords, a lot of people use common passwords.  What are the most common passwords out there?

25 Most Common Passwords:

  • why-password-manager-infographic-275x1024password
  • 123456
  • 12345678
  • abc123
  • qwerty
  • monkey
  • letmein
  • dragon
  • 111111
  • baseball
  • iloveyou
  • trustno1
  • 1234567
  • sunshine
  • master
  • 123123
  • welcome
  • shadow
  • ashley
  • football
  • jesus
  • michael
  • ninja
  • mustang
  • password1

If you are using one of these passwords, you need to go change it now!  If you don’t change it, your site is vulnerable.

Another big problem is using the same password for lots of sites.  Tons of people do this, and it is a huge security risk.

Use a Password Manager

There are lots of free pieces of software out there that will manage your passwords.  I use one called KeePass.  It not only saves my passwords, it suggests good passwords to me whenever I enter a new site into the system.  It does lots of things to protect my sites.  But, as I said, there are many such programs, so I am not saying that you must use KeePass, that’s just the one that I chose.

Anyway, going back to this bot attack on WordPress sites, the bots would go to the site and try to log in using admin and some of those common passwords.  If they could not get in, they would move on to another WordPress site.  So, if you are using a strong password, maybe 8 characters long at the least (most of my passwords are at least 15 characters long), the bot would not mess with you, because it is just too hard and time consuming to try to break into your site.

What would the bots do?

So, when the bots broke into your site, what would they do?  Who knows?  I don’t know.  But, having somebody else access your site is not a good thing, and you should avoid it at all costs.  I don’t mean somebody that you have given permission to, I mean some malicious hacker who tries to break into your site.

Lock your site down with a good password.  Don’t use “admin” as your username.  Just doing these two things will give you a much higher level of security compared to many other sites out there.

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to print (Opens in new window)
  • Click to email a link to a friend (Opens in new window)

Filed Under: Blog, WordPress Tips Tagged With: Security for your WordPress site

StudioPress Premium WordPress Themes

Latest from the CurvePress Blog

Message from an old friend

Penny Wise, but Pound Foolish

Hot and Heavy

Comments on the Blog

  • BobM on Penny Wise, but Pound Foolish
  • LeRoy Miller on Penny Wise, but Pound Foolish
  • Message from an old friend on Contact Us

CurvePress Fix-It Desk

At CurvePress, we are here to help you keep your WordPress site up, running, and looking good! If you want to keep your WordPress site up and … [Read More...]

WordPress Training

WordPress Video Tutorials

Start Learning WordPress Today! CurvePress wants to help you learn how to run a WordPress site.  How to set it up in a way that it is a beautiful … [Read More...]

CurvePress Website Creation Services

At CurvePress, our Soup Up Your Site division creates websites and makes valuable additions to websites.  We also offer website hosting. Please … [Read More...]

If you don’t host with us, try this:

Recommended Premium Plugins

WordPress Affiliate Software

CurvePress Links

  • Join CurvePress
  • Member Login
  • Free CurvePress Blog
  • Contact CurvePress
  • File a Fix-It Desk Request
  • CurvePress Testimonials
  • Terms of Service
  • Disclosure

CurvePress Services

  • Affiliates
  • WordPress Tutorials
  • WordPress Site Building
  • CurvePress Fix-It Desk

Connect with Us

  • Email
  • Facebook
  • RSS
  • Twitter
We may receive a commission if you purchase some of the products that we recommend on our site. We are experienced WordPress users, though, and we only recommend products that we have used and that we love!

CurvePress Newsletter

Be the first to know when we have something important going on!

Copyright © 2022 · Centric Theme on Genesis Framework · WordPress · Log in

 

Loading Comments...