We can only protect WordPress through the processes we carry out on your sites or your clients sites. However a website can be hacked in so many other ways. Below are some of the ways that a site can be hacked and how you can protect against it.
Hosting Control Panel Logins
When you or your client signs up for hosting you will no doubt receive an email containing all the details of the package you have selected. This will include:
- IP address for hosting
- MX records
- A records
- Nameserver settings
- Links to helpfull information
All pretty innocent stuff so far, but it will also contain:
- User name and password to access the control panel
- FTP user name and password
- User name and password for the database connection
All this information was contained in an email and sent to you or your client, and is now sitting on their computer in plain text.
Change these passwords as quickly as possible – before – you setup your website. With the information above any website hosted on this account could be hacked.
If possible you should implement 2 factor authentication on any and all control panel / account logins.