What if your WordPress gets hacked?
One of the quotes that fits best into this kind of situation is:
“Being too busy to worry about your backup is like being too busy driving a car to put on a seatbelt”
Here's some statistics about the amount of hacked WordPress blogs from 2009 to 2012
- 2009 – 81,000
- 2010 – 98,000
- 2011 – 144,000
- 2012 – 170,000
As you might have seen, Google search is filled with people who are desperately looking for help…
So how do WordPress blogs get hacked?
- 41% – You are using poor hosting company & your PC is infected with malware and/or viruses.
- 29% – You are using themes that are outdated and/or downloaded from untrusted sources.
- 22% – You have plugins that you no longer use, yet they still exist and are vulnerable.
- 8% – Your blog has too weak username and/or password.
Why do WordPress blogs get hacked?
- Hackers want to place links to your site, they want to get FREE traffic from your blog
- They do it for FUN and for STATUS
- They might want to get access to your personal data and files
- There's also possibility that they just want to eliminate you
How much time and money is needed to recover your hacked blog?
- Approx. 1 day to figure out your blog is hacked
- Approx. 1 day to fully understand what just happened and ask for help
- Approx. 3 days to fully clean and restore your blog
- At least $100 has to spent on technical support
- There's 75% chance that you can get your blog up and running just like it was before the attack
- … and what's most important: You will lose some of your visitors/readers
More and more WP blogs are getting hacked on daily basis… What can YOU do to prevent it?
- Backup your blog regularly
- Keep your WordPress blog updated
- Avoid themes and plugins from untrusted sources
- Use well-established hosting companies
- Ensure your PC is free of viruses and spyware
- Use strong passwords and usernames, or use a password manager
- Install a security plugin(s)
Update March, 2016: While digging through WordPress security related posts on Google, I stumbled upon this awesome post from John Stevens – How to Secure WordPress. Have a look, it's worth it!