Frequently Asked Questions

What is Wordpress security?

Wordpress security refers to specific steps, methods, and techniques implemented to ensure that Wordpress data and files on a webserver can't be accessed or changed by anyone without specific authorization. When your data and files aren't protected by proper security measures, your Wordpress site is left vulnerable for malicious hackers (crackers) to wreak havoc and destroy your hard work, your website, and possibly your livelihood.

Why should I care about Wordpress security?

Like most Wordpress users, you've put many hours and lots of effort into your site. It would be devastating to have to start over if some hacker destroyed all your hard work. Wordpress is an excellent website platform, but it has many security holes that hackers can exploit to get into your site to either cripple or destroy it. Wordpress security should therefore be one of your primary concerns.

How will I know if my site has been hacked?

You probably won't know you've been hacked until it's too late. If you notice that your traffic has significantly dropped, you see funny characters or strange links in your content, or your webpages suddenly stop showing up in the search results... chances are your site has been hacked. See our HackerFolio for some examples of hacked Wordpress websites we've encountered.

Are security plugins enough to protect my site?

Absolutely not! There are some good Wordpress security plugins but they don't secure everything. Do not be fooled! There is NO plugin or set of plugins that can adequately secure your site. Multiple layers of security are the best way to secure Wordpress.

Is it important to keep Wordpress, and its plugins and themes up-to-date?

Yes! Keeping your Wordpress installation, plugins and themes up-to-date reduces the risk of security vulnerabilities and performance issues.

Will you upgrade my site to the new Wordpress version when it's released?

We do not update Wordpress when upgrades are first become available. We prefer to wait and see if any unforeseen issues arise on our test sites or with other users around the web. As soon as we're certain the new version is stable and secure we will update your site.

Should I use an automatic update plugin?

We only update plugins after they've been thoroughly checked on our test sites, to make sure they don't compromise the extensive security measures we implement. Automated updates are convenient, but the results can be a disaster security-wise.

Is it possible for me to secure my own Wordpress site?

Yes it is however; there are many steps to properly secure a Wordpress site, some of which are very technical. If you aren't well-versed in the workings of Wordpress, PHP coding and databases, you're better off leaving it to a professional. Almost all the hacked sites we've fixed had some type of do-it-yourself security.

Why should I use Wordpress Security Pros to implement security?

Security has been a way of life for us for decades, in our prior careers and on the Web. You get the benefit of our professional experience with Wordpress security. We're a divison of a long-established Internet company, and your satisfaction is one of our top concerns. Please read about us for more on our backgrounds in security.

Do you guarantee that my site won't get hacked?

No one can make that promise. If someone does... back away quickly. Technology is constantly changing. Hackers stay on top of these changes and sometimes lead the way. We cannot guarantee that your site will never get hacked. We do guarantee to make getting into your site as difficult as possible. Most hackers simply get frustrated, give up, and move on to tampering with someone else's site.

Will my usernames and passwords be safe when you work on my site?

Absolutely! Security is our first priority. We have strict internal security measures that are enforced and followed to the letter to protect all of your information.

What does "multiple layers of security" mean?

We use many different layers of security to help protect your website from being hacked. Each layer by itself is capable of stopping an attack. When you combine all of the layers, the overall security level goes up geometrically, creating a vastly stronger Wordpress security system.

How long have you been working with Wordpress security?

We've been working in ecommerce and Internet marketing for thirteen years. We're proud to say that we began using WordPress for our clients and our company sites mid-2005. We've been incorporating Wordpress security into all of our projects since then, and we raised the bar many levels after we got hacked back in 2007.

Why do you call your company "Wordpress Security Pros?"

We've implemented Wordpress security on close to one thousand (1000) Wordpress sites. We're the best at Wordpress security because we're constantly learning how hackers attack Wordpress. We run over three dozen Wordpress test sites, some with versions as old as 2.0.4. Read about our Wordpress security testing.