You are in constant danger. Maybe you don't realize. Perhaps you are very naive and believe that they will not attack you because you have nothing important to be attacked.
You're wrong. You are in danger and if you do not react on time, sooner or later it will be too late.
But what are you talking about?
Website Hackers obviously..
Like the viruses that surround us every day (such as in the office or on the street), viruses on the Internet are always hanging around you.
Therefore, it is important that you have a security strategy for your blog to combat these viruses.
But before talking about strategies, let's start with the basics.
Improve your password
I can't believe that there are still so many people with a password as dumb as "asd123" or, worse, "1234".
Gentlemen, hackers are a little smarter than that. Anyone could decipher (if that can be called decrypting) that kind of passwords.
Ideally, you should also use a strong password for your operating system. If you are using windows virtual desktop then you have to use Microsoft laps for improved security
It is necessary that you take this seriously and create a password a little more complicated. If possible, one that is so complicated that you hardly understand it.
For example, mix your home number (or home number where you grew up) with the name of your pet, best friend, father or favorite soccer team, plus some extra symbol, such as a question mark or one of exclamation. In my case, it would be 1475 gymnastics !! (Yes, I am a gymnastics fan and Fencing La Plata, what am I going to do?).
It doesn't matter if it's too long. 123456789 is long and easy to decipher. A shorter one, like gymnastics, is more complicated and, therefore, more effective.
As long as you remember, everything goes.
Install security plugins
I always speak that the best platform to have a blog is WordPress. I am not going to explain why you have to choose it over other platforms. It is simply the simplest and most effective.
In this case, to improve the security of your blog, WordPress comes as a finger ring. Why? Because with just installing some security plugins, they do everything (or almost everything) for you.
Among the plugins that I recommend we have:
WP-DB-Backup: Makes a backup of your blog database.
Login Ninja: It does a bit of everything, from banning to IPs that attack your blog, to putting Captchas on the administrator's registration page.
Security Ninja: A very, very complete plugin that does security audits, looks for gaps and vulnerabilities of your site, among a lot of other things.
AdminSSL: As the name says, this plugin ensures you the registration page (or login), the administration area, the posts and the pages using a private or shared SSL protocol. (Unfortunately, this plugin hasn't been updated more than two years ago, so maybe I don't know if it's the best option today.)
Akismet: Who doesn't know Akismet? Everyone who has their blog on WordPress.org should know it. This useful plugin simplifies the life of all bloggers, since it takes away the weight of removing spam comments one by one. By simply activating your account (which can be free or paid) you are already saved from spam.
Theme Authenticity Checker (TAC): Scan all files in your theme to find potentially dangerous codes.
Antivirus: Like the previous one, nothing more than another variant.
WordPress File Monitor: Monitor all files in your WordPress account, looking for unexpected changes. When he finds one, he alerts you immediately. (Like AdminSSL, this plugin has not been updated in a long time).
Better WP Security: A complete plugin that, among several things, changes the URLs of your registration page, removes registration error messages, inserts an SSL protocol to some of the administration pages, improves server security, among other things plus.
BulletProof Security: Another very complete plugin similar to the previous one, but with some small differences.
Wordfence Security: Create a Firewall for your account, scan viruses, verify and repair your database files, among other things.
Search for malware
If you are not aware of your security, and if you did not install any of these plugins mentioned above, it is important that you at least take some precautionary measures. Among them, it is searching for malware.
But first, what is malware?
Malware, according to the wise words of Wikipedia, is a type of software that aims to infiltrate or damage a computer or information system without the consent of its owner.
A typical case of malware is when you download files from the PC, such as installers or programs. If you have a good antivirus on your computer, it is likely that it will detect them automatically. However, not everyone is aware of it. That is the reason for the great proliferation of some of the viruses, many of which could have been avoided with a simple antivirus.
So what to do to find and find malware?
First, have a hosting that does it for you. Many hostings provide security services, although I doubt that any of those are as good as they claim to be.
If that still does not reach you, it is important that you hire extra services such as Sucuri, which do a scan of your server to find the malware, among other things.
Related to the previous point, if you use WordPress.org, you have the chance to use some extra plugins that also look for malware. One that I did not mention in the previous list is Sucuri, from the company of the same name, which is free. This, like Anti Malware plugin, are two services that scan your server for malware.
Finally, we have the option of hiring a computer security expert. Anyway, I am not sure if that is really necessary for your case, since computer security experts are useful for pages with thousands or millions of pages, lots of data, among other things. Also, hiring such an expert is very expensive.
Choose the right hosting
As I said in the previous point, there are some hosting that provide security services. Some are better than others.
What is key is that, at least, these provide malware detection services, daily, weekly or monthly backup, and firewall.
If it is necessary to pay more, than if it is. In the long run, you will be saving a lot of money and stress.
Prepare for the worst
I always say the same when it comes to security: prepare for the worst. You never know when your page can be hacked, and if that happens, you should be prepared.
If you are hesitating between doing something that can improve the security of your page and do something else (such as improving web design), opt for security. It never hurts to protect you from attacks by hackers and viruses.
In turn, it would be nice to have a plan B.
Think about it like this: What would happen if they attacked you? Always have a plan to know what to do in the event that something strange happens to your page. It may be something small that makes you suspect, but it is important that you move quickly.
Scan your page, look at your plugins, ask in some forum (page forum link) and see what they tell you.
The important thing is not to let yourself be, because it may be too late once it happens.