Over 90% of hacks occur because hackers have identified a vulnerability in a theme or plugin, and exploited it over several websites. When vulnerabilities are discovered, mostly by security researchers, they are disclosed to the plugin developer for patches.
Taking backups is quite possibly one of the most underrated tactics you can apply. Always take daily backups so that you can quickly restore your website in the event of a catastrophic failure.Choose a good backup plugin that is reliable, because manual backups are difficult to execute correctly without considerable expertise.
Over 90% of hacks occur because hackers have identified a vulnerability in a theme or plugin, and exploited it over several websites.So what is a vulnerability? Themes and plugins are software. Like any other software, they are pieces of code that will invariably have bugs. Some bugs are relatively harmless and may just cause a minor glitch while updating. Others can render the code vulnerable to exploitation.
If you notice from the previous section, we referred to developers who release updates to patch vulnerabilities as responsible. In short, good developers actively maintain their software.This is by no means a universal state of affairs. Sad, but true.Thus, we strongly advocate the use of good plugins and themes for your website. Understandably, “good” is a relative and somewhat vague term.
Active installs
A popular plugin with millions of installs will always have a target on its back. Contact Form 7 is a very clear example of this trend. The flip side is that popular plugins also tend to be more secure because they usually have a bigger and better team working to improve the product.
Typically, paid plugin vendors spend more time and money on finding and patching vulnerabilities. But if you’re worried about your website’s security, we highly recommend using premium themes and plugins instead.As a side note, you may be tempted to use nulled plugins and themes. Don’t do it.