Share this page!

we.are.lens Profile picture
Twitter logo
27 Oct, 9 tweets, 4 min read
I have just spent the last day cleaning a WordPress site that had been infected with malware. I believe the site was attacked due to an out of date plugin that had a vulnerability. Detailed here from @wordfence - wordfence.com/blog/2020/09/m…

#wordpress #CyberSecurity #wordfence

1/
Most of the attacks on WordPress sites are crude. They are automated attacks trying to exploit commonly known vulnerabilities. Taking a few simple steps can help secure your site. It won't stop the attacks but it will make it harder for them to get through.

2/
Make sure that your WordPress admin user is not called 'Admin'. This is the most common user that is attacked. Also do not call you admin user after your domain i.e. if your domain is thisismysite.co.uk, do not call your admin user 'thisismysite'

3/
If you follow my tweets, the next point is one I keep repeating - backup your site. Install a plugin like Updraft, wordpress.org/plugins/updraf…, configure automatic cloud backups. At least if your site is hacked, you can restore the old site.

4/
Install a security plugin such as @wordfence (wordfence.com). This will prevent most attacks. They have a premium version where you get the security rules immediately. The free version get the rules after 30 days.

5/
Once you have WordFence installed, you can then enable 2 factor authentication - wordfence.com/help/tools/two…

This means that as well as userid / password to login, you will need something else - usually an app such as Authly.

6/
Keep your WordPress Core / Themes and Plugins up to date. One of the most common methods of attack is to exploit vulnerabilities in outdated plugins.

If you subscribe to the @wordfence blog, you will get notified when they identify any new vulnerability.

7/
We can help to make sure that your site is secure or if the worst has happened, we can help to recover your site.

Drop us an email on hello@wearelens.co.uk

wearelens.co.uk

8/ End
@threadreaderapp unroll please

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with we.are.lens

we.are.lens Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @LensDigitalUK

we.are.lens Profile picture
22 May
There are over 50,000 @WordPress plugins. In the following set of tweets, we share our top 5 plugins that we use on all of our #WordPress websites here at @lendigitaluk.

wearelens.co.uk

Thread 1/7
Backups - We shouldn't need to say that you should always backup your website. With @UpdraftPlus, you can schedule backups and even backup to cloud storage.

updraftplus.com

2/7
Security - It is a fact of life that hackers will always try and gain access to your website. Security plugins such as @wordfence try and make that as harder as possible for them. Use this along with good security practises like strong passwords.

wordfence.com

3/7
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get email notifications when new thread is out from this Author!

Check out other threads from this Author!

Read all threads by @LensDigitalUK