I received an email from a reference that his friend’s website had got hacked. It was being redirected to let’s say strange website and google showed website as compromised.
We fixed the site and have already submitted to google for review.
Hopefully soon the website will be all back to normal.
Now comes the part of analysis – review
5 Factors That Makes Your WordPress Website Vulnerable
- Not using WordFence or Any firewall / security plugin
- UJsing Outdated Versions of WooCommerce and WordPress core files.
- No Enabling Two Factor Authentication 2fa on your website.
- Keeping default username “admin” on your wordpress website.
- Using Outdated / Vulnerable plugins like WP Bakery Builder / File Manager etc.
In case you also have not yet enabled 2fa, firewall etc, I highly recommend you to take the steps mentioned above to make your site secure.
Don’t forget to schedule monthly , weekly or daily backup plan for the website.
I see people blaming WordPress and how easily website gets hacked.
But when you don’t follow best practices – you are sure risking your site to be hacked.
Regularly update your plugin / themes / core files.
In case you don’t know how to do it or are not comfortable signup with a service provider who provides WordPress Care plans etc to ensure your site is protected at all time.