A very useful and comprehensive guide about the WordPress security, step by step guide :)
The WordPress security team works diligently to provide important security updates and vulnerability patches. However, the use of third-party plugins and themes exposes users to additional security threats. By regularly installing the latest versions of core WordPress files and extensions, you can ensure that your website possesses all of the prevailing security patches.
Plugins and themes can become deprecated, obsolete, or include bugs that pose serious security risks to your website.
To protect your WordPress installation, we recommend that you audit your plugins and themes on a regular basis.
Assess Your Plugin Security
You can assess the security of WordPress plugins and themes by reviewing a couple of important indicators:
Does the plugin or theme have a large install base?
Are there a lot of user reviews, and is the average rating high?
Are the developers actively supporting their plugin and pushing frequent updates or security patches?
Does the vendor include a physical contact address in the ToS or from a contact page?
Carefully read the Terms of Service - it may include unwanted extras that the authors didn’t
Securi analyzed over 11,000 sites that were hacked. 78% were WordPress sites. Lots of interesting info in this report, and 1 of the 3 top outdated plugins surprised me. The other 2...not so much.
There are currently over 1 Billion websites on the web. That number is growing as more of the world gets connected and technology makes it easier for people to have a voice and online presence through things like a website. This growth is being enabled by the explosion of technologies like open-source Content Management Systems (CMS. Over a third of the websites online are powered by four key platforms: WordPress, Joomla!, Drupal, and Magento. -WordPress is leading the CMS market with over 60% market share. This explosion and dominance by WordPress is facilitated by global-user adoption,a highly extensible platform and focus on end users. Other platform technologies have experienced growth in more niche markets, like Magento in the online commerce domain with large and enterprise organizations, and Drupal in large, enterprise, and federal organizations.
This user adoption however brings about serious challenges to the internet as a whole as it introduces a large influx of unskilled webmasters and service providers responsible for the deployment and administrations of these sites. This assessment is amplified in our analysis, which shows that out of the 11,000 + infected websites analyzed,