post > Technology > WordPress Security: What Community Thinks!

WordPress Security: What Community Thinks!

WordPress Security: What Community Thinks!

  • By Tesla 
  • Category: Technology 
  • Comments (0) 

WordPress releases a new version with the upgrades every 3-4 months. No other content management system can catch up with this speed. It means that there is a big team behind the game. Every release has a lead who is a top notch developer and he has a team of more than 200 devs working on the upgrades. With these updates, the core team tackles the issues and some new features are also added every time. The core team remains connected with the community through the beta releases. Therefore, a release does not just depends on the core team, but on the whole WordPress community.

Questions on WordPress security have been raised several times. Brute Force Attack and vulnerabilities are common with WordPress. Most of the developers to whom I posed a question on security of WordPress were concerned about the security of the CMS.


There are thousands of plugins and themes registered within the WordPress repository. The giant WordPress companies update their plugins right after every new release. Actually, it is necessary to update your websites with every new version of WordPress.

One of the basic chances you can create for the hackers to attack your WordPress website is to run outdated plugins and themes. And the products that aren’t active may lose their customers soon. WordPress forces its users to update to the latest version by culminating the support for the previous version. But, unfortunately many WordPressers do not upgrade. This eventually results in hack attacks on the websites and databases.


Hosting with shared servers is one of the biggest reasons for the increasing number of these hack attacks. Bots tend to look for open ports to enter and attack the servers. If you have a weak password and bots crack them, it is not only harmful for you, but also for those who have hosted on the same server. Keeping each site on server secure is very important.

When giving access to the customers, these hosting agencies should ensure to keep an eye on their activities. There are several plugins available for making the website admin secure. It is also recommended to use two-factor authentication.

Also read: Think twice before ignoring these 3 WordPress security tips


Sometimes we can control the security of WordPress through easy steps. All these experts explained it beautifully. I am summarizing the steps in few tips:

Choose your WordPress host wisely.
Always keep backups of your work.
Keep your WordPress, plugins, and themes updated.
Use two-factor authentication at WP backend.
Use strong password for login.
Use the recommended security plugins like VaultPress, WordFence, etc. to avoid attacks.
What are your common practices to secure your website? Tell us in the comments below.

About the author: Waseem Abbas is a WordPress Community Manager at Cloudways. He has a knack for exploration. Whenever he explores a WordPress trouble, he tries his best to solve it. He is also a food explorer and travel lover.

Upcomming Events


Trading futures, options on futures, retail off-exchange foreign currency transactions (“Forex”), investing in managed futures and other alternative investments are complex and carry a risk of substantial losses. As such, they are not suitable for all investors. You should not rely on any of the information herein as a substitute for the exercise of your own skill and judgment in making such a decision on the appropriateness of such investments. Any mention of ‘funds’ within this site encompasses both privately offered fund and separately managed account investments. Past Performance is Not Necessarily Indicative of Future Results. The regulations of the CFTC require that prospective clients of a managed futures program (CTA) receive a disclosure document when they are solicited to enter into an agreement whereby the CTA will direct or guide the client’s commodity interest trading and that certain risk factors be highlighted. The disclosure document contains a complete description of the principal risk factors and each fee to be charged to your account by the CTA. RCM Alternatives and Learn Alts are registered ‘dba’s' of Reliance Capital Markets II, LLC. Copyright © 2016


Invalid or expired token.