As WordPress becomes more and more popular as a content management system, it also attracts undesired attention from hackers across the globe. With so many WordPress sites active on the web, it is easy for hackers to locate WordPress sites by consistencies in the way WordPress is setup. These include:
By running a few simple searches, a hacker can quickly find sites running off WordPress.
A very common hack attempt is a the brute force login. This is where hackers will locate the wp-login.php page and run scripts in an attempt to login as an administrator. This usually involves using the username “admin” and then by the use of scripts, populating the password field with random dictionary based words and number combinations. This can be quite successful considering how many people these days still use admin/password123 or similar easy to crack combinations.
With thousands of free themes and plugins available and the majority no longer maintained, it can leave many sites with backdoors waiting to be exploited. Hackers can locate these backdoors and use them to install scripts or malicious code on your website. It is best practice to use paid themes and plugins that are kept updated or popular items that also have regular updates.
Incorrect permissions on files and folders on your WordPress hosting can lead to hackers modifying your WordPress install. Ensure the correct file and folder permissions are setup on your installation. Folders should be set to 755 and files set to 644.
Many hackers will inject malicious code into the head of WordPress php files. This code can be hard to find and also can be injected into every single php file on your site making it near impossible to find and remove. The best solution is starting fresh with a clean install of WordPress and migrating your content over.
There are a number of ways to assist in preventing your site from being hacked. By following a few simple rules it will give you site the best chance in avoiding a future hack.
This includes:
The above might sound like a lot to do and it is if you do it manually. Thankfully there is a plugin that can take care of all this for you. WP Better Security is a free plugin that will greatly increase your security settings with the click of a few buttons.
WordPress regularly releases new versions which often contain crucial bug fixes and updates. It is essential that WordPress is kept up to date to avoid any security breaches.
It is recommended that you take a backup of your database and website before any major updates to avoid any data loss. Backups should be taken regularly anyway, but be sure you aren’t backing up a site that has already been compromised.
Matt runs m2media, a Brisbane Web Design company specialising in WordPress Design and Development. For more information or assistance with either preventing your WordPress site from being hacked, or fixing hacked sites, please contact m2media.
This is a question we get at m2media all the time, and there is no real set answer. It is much like asking “how long is a piece of string?”. We like to compare building a WordPress site to building a house. Both have many variables that influence the final cost. Do you want 2 or 4 bedrooms can be compared to whether you want 10 pages or 100 pages.
Our basic WordPress websites start at around $2,400 and increase depending on additional features. Ecommerce WordPress sites for example average around $5.000
All packages include the following as standard:
Full custom sites will attract a higher cost due to the additional consulting, design and development time required.
There are a lot of extras available that can be included with any WordPress site development. These include
Before asking how much does a WordPress site cost, first work out your website requirements. Here are some simple steps to build your website development brief.
As you can see the is a lot involved in the initial preparation of your website. The more you can do and supply initially will save a lot of time and costs, and your project will run smoother.
Contact us today to talk about your WordPress website. We have a variety of packages to suit most budgets! Click here to fill out our contact form and you will receive a response, typically within hours!
WordPress has released version 3.8 which sees a major upgrade to the admin area including new skins, typography, enhanced mobile experience. Instantly users will notice the new black menu bar and flat colours which provide a great contrast between the menu and editor areas.
What we find to be a great new feature is the sidebars in the widgets area now split into 2 columns, making it much easier to allocate widgets to sidebars. No longer do you have to drag widgets down to the very last sidebar at the bottom of the page. This is great for sites who have more than about 5 sidebars.
Installed plugins are now colour coded, allowing users to instantly differentiate between active and inactive plugins.
A new theme is also included titled Twenty Fourteen, which aims at allowing users to create a responsive magazine style blog which will sure to be a big hit amongst up and coming bloggers.
Overall we are very impressed with the new update and it seems to be quite a lot faster when navigating between pages, posts, and other sections of the admin area. If you are running an old outdated version of WordPress, then it’s best we have a look first at your theme to make sure it wont be corrupted when upgrading to WordPress 3.8.
If you wish to have us upgrade your old site to the new 3.8 WordPress then please contact us.