In this multipart series we will cover typical mistakes that are commonly exploited by hackers to take over or deface WordPress sites and we will cover how to prevent them.
Those of you who have ever taken a look at the WordPress support forum will know how often WordPress users from all over the world ask for help, because they got hacked. A Google search for “WordPress Help I’ve Been Hacked” yields 1,770,000 results.
The main reason why attackers choose to hack WordPress sites is because it is one of the most widely used content management systems (CMS). It has even been estimated that roughly 17% of the Internet runs on WordPress. This obviously makes it an attractive target.
The first part of our series focuses on one of the most trivial issues attackers abuse to fully take control of a WordPress site – security issues regarding WordPress user accounts and passwords.