Best Way to Avoid Getting WordPress Website Hacked
Alright good day and welcome, welcome to WordPress website secrets for the absolute beginner and I’m all caffeine-up this morning cuz we starting to get into the stuff that I really love which is security not to say that were passed the beginner stuff because we’re definitely not passed the beginner stuff but I think we’ve laid a great foundation and now it is time to work on our foundation.
So what we have on the screen right now is what I hope that you’ll never do with your website and that is first and foremost number one it hadn’t been backed up at 11 months. This is a test website that I have out there that I just kind of let sit but that’s neither here nor there. But let’s talk about the topic at hand; first and foremost number one this is really, really not a good idea. There hasn’t been a backup on the site for 11 months and the other thing I wanted to draw your attention to is this 6 up here, it says 1 WordPress update, 4 plugging updates and 1 theme update. You know the number one reason for updates to software is generally security patches, so you don’t want to create your site and just let it sit and rot out there because as your versions become more and more out-of-date you are more and more likely to get hacked. So this is the exploit database and doing a search on WordPress you can just see the number of possible exploits to WordPress and there’s hundreds of them. These are exploits that hackers will use to break into your website. One thing that I get asked again and again by small business owners is why in the world would somebody hack into my small business website? I mean seriously what’s in it for that? And I’m going to get into security end up later but what you need to know now is they don’t care whether you’re small business or large business or what-have-you. There are many reasons why a hacker would want to take over your website and they will take up your website, they can use it for its server resources; that can use it to link out to porn sites and other unscrupulous things. A lot of times the code that they inject on your website you don’t even know about till it’s too late. So the reality is yes they will come after your small business website and you need to be aware of this and you need to be concerned about this.
So coming back here, so coming back here I’m going to do a complete backup and I’ll speed up the camera while this does because it’s going to take probably 2 or 3 minutes. Okay and now we are done with the complete backup I’m gonna go back to backups and I’m also going to do a database only once again I will speed up the camera. Okay so we are done with both of those, we wanna go back to backups and now as you can see we’ve got a data base only backup from a minute ago and a complete backup from a minute ago.
So now that we have fresh backups now we want to do or updates, you don’t do your updates first because if one of the plugin breaks your website you got nothing to back up to. Now we’re good, we got a backup we can backup to from 1 minute ago and we should be ready to go. Now I should caveat that by saying that because we have not updated our software in 11 months we may have just done a back up that has malicious code hiding somewhere on the site. So it’s also important to run a malware scan on site, which with backup buddy you can get a malware scan and as you can tell we’re lucky no malware at this point. so backup buddy did not find any malware on the site which is great but yet it’s not foolproof because this type of malware scan is a remote scan. A much better methodology for which to run a malware scan would be to run the malware scan from the server side and that’s something we’re going to get into in a future video. But doing a preliminary scan at least we’ve got an idea. So now I’m going to click on the 6 and it’s going to take me to this page right here and I believe we had 4 plugins, 1 theme and a WordPress core to update. So now let me tell you this the safest way to update these plugins is to do them one at a time and then check the website to make sure that that particular plugin did not break the website. So once it, once it updates you can visit the site…. so I’ve gone to the site and made sure that updating that one particular plugin did not break the site. But that is essentially the best way to do it; this is the easier, less time consuming but more dangerous way of doing it i.e. checking them all at once and it then hitting update plugins which I just did. In a rare instance it’s only happened to me once in ten years, one of the plugins broke the site. Meaning when it updated and I went back to the site I got some sort of error, I don’t remember what the error was but I don’t remember which plugin it was that broke it. So that ended up costing me sometime, I’d revert to the back up and then essentially i went back to the plugins one by one by one and I figured out which one the culprit was. So although this is an efficient way of doing things and then going back to the site making sure that it works you still have probably a 1% chance that it might break something. And that’s percentage is determined by what kind of plugins you’re putting on your site, if you’re putting well-used very popular plugins that are updated regularly, that have good reputations you should be fine.
So let’s go ahead and do this theme and then usually I check the site here, make sure that works fine but I think you get the point. So there’s theme and now look at this one here is an important one the core; we’ve got to get the core updated as well and let’s go ahead and update it and there we are. We are completely updated and now just check the site again just to make sure that we didn’t break anything. Everything seems to be working.
So there it is backing up and updating all of your software is the single number one way to make sure that your website does not get hacked. Having all the up-to-date software with all the up-to-date patches is the best defense that you can have from getting hacked. However in the next video we’re going to take security one step further and we’re going to take the first step to building a fortress of security around your website without having to use any codes whatsoever. So I’m Steve for WordPress websitesecrets.com please like, subscribe, comment and don’t forget at this time this is going to 16, so if you haven’t seen some of the others please check them out and many more videos to come. Hope to see in the next one. See you!!