{"id":218,"date":"2012-08-12T22:47:00","date_gmt":"2012-08-13T02:47:00","guid":{"rendered":"https:\/\/www.thexyz.com\/blog\/2012\/08\/12\/keeping-your-wordpress-site-safe-from-hackers\/"},"modified":"2022-02-20T07:28:58","modified_gmt":"2022-02-20T12:28:58","slug":"keeping-your-wordpress-site-safe-from-hackers","status":"publish","type":"post","link":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/","title":{"rendered":"Keeping Your WordPress Site Safe From Hackers"},"content":{"rendered":"<h3>Since more WordPress users are becoming victims of malicious hacks which is usually occurring to users using older versions of WordPress. It is becoming increasingly important to keep vulnerable themes\/plugins installed up to date. As well as follow the steps in this guide to reduce the risk of you becoming the next victim.<\/h3>\n<p>Users are reminded to follow these instructions to maintain a secure WordPress install.<\/p>\n<blockquote><p>&nbsp;<\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li>Keep a regular backup<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li>Manually upgrade the WordPress version to the latest version.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li>Remove any vulnerable themes and plugins that are out of date or no longer used, also update them too.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol>\n<li>Read the additional security measures listed below and on our <a title=\"Thexyz Forum\" href=\"http:\/\/forum.thexyz.net\/\" target=\"_blank\" rel=\"noopener\">forum<\/a>.<\/li>\n<\/ol>\n<p>&nbsp;<\/p><\/blockquote>\n<p>The latest version of WordPress available is 3.4.1. However, you cannot upgrade to the latest version via your server control panel. So if you are using older versions of WordPress, we strongly recommend you upgrade to the latest WordPress version. The following article will help you to upgrade the WordPress version: <a title=\"http:\/\/codex.wordpress.org\/Updating_WordPress\" href=\"http:\/\/codex.wordpress.org\/Updating_WordPress\" target=\"_blank\" rel=\"noopener\">http:\/\/codex.wordpress.org\/Updating_WordPress<\/a>\u00a0you can also watch this <a href=\"https:\/\/www.youtube.com\/watch?v=k0tMxk9O9lo\" target=\"_blank\" rel=\"noopener\">video<\/a>.<\/p>\n<blockquote><p>Remember to keep a full website backup before attempting to update your wordpress software.<\/p><\/blockquote>\n<p>In addition to the above, please note the following security measures to prevent your WordPress sites from hacks.<\/p>\n<h3><b>Issue 1:<\/b><\/h3>\n<p>Did your site get hacked even after upgrading the WordPress version to the latest version 3.4.1 and removing vulnerable themes\/plugins?<\/p>\n<h3><b>Solution<\/b><\/h3>\n<p>We found sites being hacked by editing the WordPress theme editor. To fix this, you can disable the WordPress theme editing option by inserting the following line in the wp-config.php file.<\/p>\n<blockquote><p>define(&#8216;DISALLOW_FILE_EDIT&#8217;,true);<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<h3><b>Issue 2:<\/b><\/h3>\n<p>Site was hacked due to using an outdated version.<\/p>\n<h3><b>Solution<\/b><\/h3>\n<p>It is very important for you to keep your WordPress software up to date, to see how Thexyz can help assist you with this please see the bottom of this post.<\/p>\n<h3><b>Issue 3:<\/b><\/h3>\n<p>Alternately, sites can also get hacked if your WordPress admin login credentials are compromised.<\/p>\n<h3><b>Solution<\/b><\/h3>\n<p>In this case, if the hackers are still logged in to your blog then resetting your WordPress admin password won&#8217;t help you. This is because their cookies are still valid. To disable them, you have to create a new set of secret keys. Please Visit the WordPress key generator <a title=\"https:\/\/api.wordpress.org\/secret-key\/1.1\/salt\/\" href=\"https:\/\/api.wordpress.org\/secret-key\/1.1\/salt\/\" target=\"_blank\" rel=\"noopener\">https:\/\/api.wordpress.org\/secret-key\/1.1\/salt\/<\/a> to obtain a new random set of keys so that you can overwrite the values in your wp-config.php file with the new ones: <a title=\"http:\/\/codex.wordpress.org\/Editing_wp-config.php#Security_Keys\" href=\"http:\/\/codex.wordpress.org\/Editing_wp-config.php#Security_Keys\" target=\"_blank\" rel=\"noopener\">http:\/\/codex.wordpress.org\/Editing_wp-config.php#Security_Keys<\/a><\/p>\n<p>You can also do WordPress hardening by referring to this link: <a title=\"http:\/\/codex.wordpress.org\/Hardening_WordPress\" href=\"http:\/\/codex.wordpress.org\/Hardening_WordPress\" target=\"_blank\" rel=\"noopener\">http:\/\/codex.wordpress.org\/Hardening_WordPress<\/a><\/p>\n<h1>What does Thexyz do to help?<\/h1>\n<p>Whilst we do ensure our own systems are secure, we have seen sites become infected through the use of third-party applications and plugins. \u00a0There isn&#8217;t any additional precaution or safety measure that we can place on the server-side to fix this, and we do what we can to support and educate customers on any potential threats. We do also offer additional weekly backup services\u00a0for backing up your server automatically for just $6.99 per month. This way you just have to take care of the updates yourself.<\/p>\n<h1>What if I cannot manage WordPress updates myself?<\/h1>\n<p>If you can manage to check your email then, you can update your WordPress. We offer video tutorials from backing up to upgrading on our <a href=\"http:\/\/www.youtube.com\/user\/thexyznetwork\" target=\"_blank\" rel=\"noopener\">Youtube Channel<\/a>.<\/p>\n<h1>Can you do this for me?<\/h1>\n<p>At Thexyz we can take care of keeping your server secure, server OS up to date, automatically backed up with a managed service, but this does not include keeping the third-party applications you choose to install on the server up to date. We have now offer <a href=\"https:\/\/www.thexyz.com\/input\/projects\/\">Projects<\/a> that can take care of the process for you for a reasonable price.<\/p>\n<p>If you have any questions or comments, please feel free to leave one below or contact your account manager.<\/p>\n<span class=\"et_bloom_bottom_trigger\"><\/span>","protected":false},"excerpt":{"rendered":"<p>Since more WordPress users are becoming victims of malicious hacks which is usually occurring to users using older versions of WordPress. It is becoming increasingly important to keep vulnerable themes\/plugins installed up to date. As well as follow the steps in this guide to reduce the risk of you becoming the next victim. Users are [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[9],"tags":[],"class_list":["post-218","post","type-post","status-publish","format-standard","hentry","category-websites","et-doesnt-have-format-content","et_post_format-et-post-format-standard"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Keeping Your WordPress Site Safe From Hackers - Thexyz Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Keeping Your WordPress Site Safe From Hackers - Thexyz Blog\" \/>\n<meta property=\"og:description\" content=\"Since more WordPress users are becoming victims of malicious hacks which is usually occurring to users using older versions of WordPress. It is becoming increasingly important to keep vulnerable themes\/plugins installed up to date. As well as follow the steps in this guide to reduce the risk of you becoming the next victim. Users are [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\" \/>\n<meta property=\"og:site_name\" content=\"Thexyz Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-08-13T02:47:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-20T12:28:58+00:00\" \/>\n<meta name=\"author\" content=\"Thexyz Staff\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/thexyz\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thexyz Staff\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\"},\"author\":{\"name\":\"Thexyz Staff\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b\"},\"headline\":\"Keeping Your WordPress Site Safe From Hackers\",\"datePublished\":\"2012-08-13T02:47:00+00:00\",\"dateModified\":\"2022-02-20T12:28:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\"},\"wordCount\":653,\"commentCount\":1,\"articleSection\":[\"Websites\"],\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\",\"url\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\",\"name\":\"Keeping Your WordPress Site Safe From Hackers - Thexyz Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.thexyz.com\/blog\/#website\"},\"datePublished\":\"2012-08-13T02:47:00+00:00\",\"dateModified\":\"2022-02-20T12:28:58+00:00\",\"author\":{\"@id\":\"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#breadcrumb\"},\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.thexyz.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Keeping Your WordPress Site Safe From Hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/#website\",\"url\":\"https:\/\/www.thexyz.com\/blog\/\",\"name\":\"Thexyz Blog\",\"description\":\"Email and Domains\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.thexyz.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-CA\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b\",\"name\":\"Thexyz Staff\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g\",\"caption\":\"Thexyz Staff\"},\"description\":\"Thexyz staff are passionate about helping people with email and website so they can get the most out the web. Our staff includes our support team, developers and any contractors that may be willing to contribute.\",\"sameAs\":[\"https:\/\/www.thexyz.com\",\"https:\/\/x.com\/https:\/\/twitter.com\/thexyz\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Keeping Your WordPress Site Safe From Hackers - Thexyz Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/","og_locale":"en_US","og_type":"article","og_title":"Keeping Your WordPress Site Safe From Hackers - Thexyz Blog","og_description":"Since more WordPress users are becoming victims of malicious hacks which is usually occurring to users using older versions of WordPress. It is becoming increasingly important to keep vulnerable themes\/plugins installed up to date. As well as follow the steps in this guide to reduce the risk of you becoming the next victim. Users are [&hellip;]","og_url":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/","og_site_name":"Thexyz Blog","article_published_time":"2012-08-13T02:47:00+00:00","article_modified_time":"2022-02-20T12:28:58+00:00","author":"Thexyz Staff","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/thexyz","twitter_misc":{"Written by":"Thexyz Staff","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#article","isPartOf":{"@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/"},"author":{"name":"Thexyz Staff","@id":"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b"},"headline":"Keeping Your WordPress Site Safe From Hackers","datePublished":"2012-08-13T02:47:00+00:00","dateModified":"2022-02-20T12:28:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/"},"wordCount":653,"commentCount":1,"articleSection":["Websites"],"inLanguage":"en-CA","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/","url":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/","name":"Keeping Your WordPress Site Safe From Hackers - Thexyz Blog","isPartOf":{"@id":"https:\/\/www.thexyz.com\/blog\/#website"},"datePublished":"2012-08-13T02:47:00+00:00","dateModified":"2022-02-20T12:28:58+00:00","author":{"@id":"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b"},"breadcrumb":{"@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#breadcrumb"},"inLanguage":"en-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.thexyz.com\/blog\/keeping-your-wordpress-site-safe-from-hackers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.thexyz.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Keeping Your WordPress Site Safe From Hackers"}]},{"@type":"WebSite","@id":"https:\/\/www.thexyz.com\/blog\/#website","url":"https:\/\/www.thexyz.com\/blog\/","name":"Thexyz Blog","description":"Email and Domains","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.thexyz.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-CA"},{"@type":"Person","@id":"https:\/\/www.thexyz.com\/blog\/#\/schema\/person\/29825f4c97e9354f112a842f512b7b7b","name":"Thexyz Staff","image":{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/487704f4a6dcb1afe72795093a1aaa5e5987c0bb5c3cf8dae185682ded562985?s=96&d=monsterid&r=g","caption":"Thexyz Staff"},"description":"Thexyz staff are passionate about helping people with email and website so they can get the most out the web. Our staff includes our support team, developers and any contractors that may be willing to contribute.","sameAs":["https:\/\/www.thexyz.com","https:\/\/x.com\/https:\/\/twitter.com\/thexyz"]}]}},"_links":{"self":[{"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/posts\/218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/comments?post=218"}],"version-history":[{"count":2,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/posts\/218\/revisions"}],"predecessor-version":[{"id":2232,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/posts\/218\/revisions\/2232"}],"wp:attachment":[{"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/media?parent=218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/categories?post=218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thexyz.com\/blog\/wp-json\/wp\/v2\/tags?post=218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}