Website Tips

How To Protect Your WordPress or Joomla Account From Hacking and Malware


JoomlaMost business owners aren’t web designers, and that’s why so many people depend on platforms like Joomla and WordPress to manage and update their business website. Not only are these websites easy for business owners to use, they also help make sure your website is easy for visitors to use, too.


Indeed, a full 48% of users say that if they arrive on a site that isn’t working well on a mobile device, they take it as a sign that the business doesn’t care about their user experience. However, because these platforms can be so easy to use, too many people take a “set it and forget it” approach to their website. But this hands-off approach is like leaving the front door to your business unlocked. If you aren’t careful, you can seriously compromise the security of your site and private information about your customers.


So how do you protect your WordPress account from hackers, intrusions, and malware? No one can guarantee that your website won’t get hacked, but there are some preventative measures that will help reduce the chances of getting compromised as much as possible.  Check out these tips for making sure that your access to these platforms is as secure as possible:


  • Make sure that your platform version and plugins are all up to date
    If you don’t have a maintenance contract with your current web developer, make sure you have one so that they are monitoring that your platform and plugin versions are up to date.  WordPress is currently running on version 4.6.1 and Joomla’s latest platform version is 3.6.  Both platforms are incredibly popular and power a large majority of the internet, therefore making them more “interesting” and attracting the attention of anyone wanting to insert malicious code, take sites down or steal data. Each plugin and theme installed on your site is like a backdoor into your site’s admin.  All of this means that when a security vulnerability comes to light in WordPress or Joomla core or in a major plugin, it can be quickly fixed, and an update released straightaway. None of this will benefit you unless you keep your version of WordPress or Joomla and your plugins and themes up to date.


  • Delete any plugins or themes you’re not using.  Getting rid of any plugins or themes you don’t need will reduce the likelihood of being hacked.


  • Be Smart About Your Usernames and Passwords
    Especially when using WordPress, it is essential that you make sure to change the default admin username after you install it. If you let the admin username remain, hackers will inevitably gain access to your site, guaranteed.  It’s also important to pick strong, unique passwords for all of your accounts. Adding a plugin that enables two-factor authentication might also be a great way to increase security and make it as hassle-free as possible. In fact, WordPress rolled out a two-factor authentication plugin back in 2013, and it’s proven to be a popular feature for security-minded users.


  • Secure Your Login Screen
    Hackers can still gain access to your dashboard if your login screen isn’t properly secured, no matter how strong your usernames and passwords are. Try limiting the amount of login attempts allowed from a single IP address. You or one of your administrators might have a bad memory for passwords, but it could also give hackers running hacking bots the chance to try millions of different permutations of usernames and passwords until they get lucky.  Use a different login URL than the default provided by WordPress ( and Joomla (  Instead change the “wp-admin” and “administrator” to a custom URL for logging in.  You can discuss this further with your web developer.


  • File/Folder Permissions
    While the beauty of platforms like WordPress and Joomla is that you don’t have to alter many of their settings, it is good to know how file permission modes work. File permission modes are basically the categories that determine who can read, open, or modify which files. Using these modes, you can regulate how accessible all of the folders on your site are.


So, when you work on your WordPress or Joomla platforms, don’t forget that you can do a lot to increase security. For maximum security and peace of mind, work with a website redesign professional to make your site as secure as possible.  Contact MRN Web Designs for a free evaluation of your WordPress or Joomla site’s security!

Leave a Reply

Your email address will not be published. Required fields are marked *