Has Been Hacked!

About the Hack
About the Restore

While a new site is being restored on SiteGround, you may be interested to read more about the hack on our Facebook Page!



Site Ground 1-click installThere are so many things to take into account from the very start of your website. If you don't take those things into account, you will have to do more work later on to overcome the structural weaknesses you created.

As I do a new WordPress install on SiteGround, let's look at some security you can add at the very beginning. You may need to look at the full size version of the screenshot.

1. Choosing a non-obvious user name is critical. Many versions back, all WordPress sites started with the first user name of "admin". Now, as I watch people trying to hack into the WordPress dashboard, they are all starting with "admin". But, they also use the business owner's name, the company name, administrator and all sorts of other easy to guess user names. Choose something that's not obvious!

2. Choose a super nasty password ... one that is very inconvenient for you. The default password shown in the screenshot is OK, but not great ... it's not long enough to be great!

3. If something is trying to log into your site over and over with different passwords, guess what? It's probably attack software! SiteGround can install with a plugin that will block more than 3 login attempts. Better than not blocking, but I like to install WordFence instead.

4. They want your database. By starting the database name with some abbreviation, you have added another line of defense.

5. Each table in the database also has a name. WordPress installs with 11 tables that have specific names. If you start the name with a cryptic abbreviation, it's much more difficult for the hackers use your database for their nasty work!

Even if you do a manual install, you should be taking these same security precautions!