Welcome to WordPress Security Basics
How this site can help you
The accelerating growth of cyber-crime
It’s a sad fact that cyber-crime is one of the few real growth industries around today.
The hackers are becoming ever more sophisticated and, using tools that they develop or they can get hold of online, they can co-ordinate hacking attacks on a huge number of websites in extremely short periods of time.
I guess you’re aware of the high profile attacks that make the news – hacking of high profile organisations such as Yahoo, the NHS in the UK or the Democratic Party in the US – but hundreds of thousands of hacking attacks that don’t make the news take place every day on websites large and small.
The hackers don’t care how big or small your website is – they just want control of as many websites as possible that they can add to their ‘assets’. These ‘assets’ will then be used to redirect visitors to sites of the hackers’ choice, or to infect the computers of site visitors so they can take control of them and add them to a botnet which they use to carry out their dirty work.
All this makes it ever more important that you’re aware of the dangers, up to date with the latest types of attack and have the tools and knowledge to protect your website as best you can.
But let me make one thing very clear:
No website can ever be 100% secure
If a hacker wants to access a website they will, eventually, get in.
The vast majority of hacking attacks are done by automated bots (computer programs that search out potentially vulnerable websites and attempt to hack them), and it is easier to defend your site against these attacks than it is against an individual who wants to damage your site or your business in some way.
Who I write this website for
There are lots of websites online that address the question of making your WordPress website more secure against this tidal wave of cyber-crime.
The ones I follow and read are all good sites, giving good information, but a large proportion of them are written on the assumption that the reader is very familiar with both WordPress and the whole web development thing.
But not everyone is.
There are many, many people I come across through my business to whom much of what they read is just technical mumbo jumbo.
I spend lots time with these people explaining what they need to do and why, but without the technical talk.
And those are the people for whom I write this website.
My aim is to address basic security actions that you, as a first-time, non-technically-minded, WordPress user, can take – without having to resort to code or complicated configuration.
I also cover the wider question of how you can make your online activities safer by protecting your personal data from theft or misuse.
Because the focus is on non-technical steps, though, keep in mind that there are more technical and complicated actions that will strengthen your WordPress installation further – and, at some point, you should definitely be looking to move to the next level.
In the meantime, please browse the articles or use the search box to find something you are particularly interested in.
And do please contact me if I need to clarify anything!
I’ve been working with WordPress since 2006, building websites and blogs for myself and, through my agency business, for small and medium sized businesses.
I live in Hong Kong, but I grew up in what is now called Zimbabwe (it was Rhodesia when I lived there). After finishing my national service I went to university in South Africa, returned to Rhodesia after graduating and later moved to England.
I came to Hong Kong in January 1995 for a project and I’m still here (although it’s not the same project..!)
After living in the city for 18 years I moved, 4 years ago, to one of the outlying islands which offers a totally different lifestyle: countryside, excellent hiking, beaches and (relatively!) fresh air.
The only time I go back to the city now is for client meetings or to meet up with friends.
Don’t hesitate to get in touch if you have questions
If you’re concerned about the security of your WordPress website do take some time to read through the articles in this site.
I have tried to avoid jargon and technical mumbo jumbo wherever possible, but if anything is not clear please don’t hesitate to get in touch: click here to contact me.
You can also find me on:
Owner – WordPress Security Basics