“My WordPress Blog Got Hacked” is something that we as a hosting company hear all the time, which is unfortunate. What’s even more unfortunate is we as the web hosting provider often get blamed for it by our very own customers. I can’t really blame our customers for this either, I guess they just don’t know it can happen — So hopefully, this blog post will help bring some awareness and help prevent their blogs from being hacked.
It’s not uncommon for a WordPress site to get exploited, you’ll often see an image of some pirate or a bunch of statements claiming that you’re a sucker for getting hacked. Doesn’t really look all too professional when your visitors see this. If you feel that you’re the only one out there, you’re not. If you think that WordPress is the wrong CMS to use, that’s not the case. With a proper setup, you could avoid being defaced.
WordPress has put together an entire My WordPress Site was hacked FAQ page, dedicated to help WordPress users prevent their sites from being hacked and for those who have been hacked, preventing it from happening again. Check it out, it will be helpful in preventing your WordPress installation from being exploited.
I do want to point out a part of the FAQ, where it says to check with the hosting provider.
As far as the hosting environment goes, we take security very serious. We have a multitude of security measures in place to prevent a wide-spread type of exploitation of scripts. So you’re safe there. We regularly update our servers, scan them for vulnerabilities and do what we are required to keep our customers safe. The general rule of thumb for protecting yourself from being exploited is: Always upgrade to the latest version, don’t use unknown plug-ins and keep regular backups.