Virus/malicious code is always a headache for your website if you don’t have professional administration knowledge or no experience in promoting security. However, you can still prevent it from the beginning with the ways I want to suggest to you. Minimize websites infected with malicious code, limit attacks.
The reason for being infected with malicious code.
- In the process of uploading data, if the data on your personal computer is infected with a virus when uploading, it will bring a virus.
- Password management information is set at a simple level, not difficult enough, very easy for hackers to exploit
- For example: in some cases, the password is 12345678, 12345678a, 1234512345, 123acb… Password needed to have high complexity likeBkodbOjNBu5H
- Do not actually update WordPress versions, plugins and themes to the new version (old versions have many holes)
- Using the free theme and plugin is very likely to get infected with a virus compared to the paid version (the paid version still suffers, but the paid version has periodic updates from the developer).
- Using paid themes and plugins but shared for free also makes website very easy to install malicious code.
- Non-compliance with standards, security rules of website/hosting usage.
- Don’t regularly scan websites with tools and plugins to scan for malicious code.
- Websites operating on the internet will be at risk every day, every hour because there will be hackers, auto bots find vulnerabilities to exploit and insert malicious codes, so the website needs to be checked for updates and maintained regularly. (Some companies and businesses always have dev and IT teams to do this review)
Some basic ways for you to prevent and limit.
1. Don’t use an account named “admin”
The default user will be admin, but it’s best to change it.
Better to set up meaningless user and password.
- User: YEz_nL6k9sA3
- Pass: XU$fewKEO2Jy
2. Use Passwords of high complexity.
Some users often set a password 12345678, 12345678a, 1234512345, 123acb easy to remember, but this easy to remember will have a very serious impact on your website in the long run. It is best to select Password Generator
3. Always update WordPress, Themes, Plugins to the latest version.
WordPress versions, Themes, Plugins all have updates and you need to update them to be secure and patch dangerous vulnerabilities.
4. Set Permissions for wp-admin and wp-config.php folder
Setting permissions for this file is very important, you need to set the file to only read, write, or execute for better security.
5. Restrict plugin installation.
Restricting the installation of an unsecured plugin on your website is a very important issue, when you install an unreputable plugin on your website, it is like you are helping to bring bad guys into your home.
6. Change the login URL
You should change the login URL, the default will be domain/wp-admin but it is very predictable and you can change this path.
You can use the following plugin to change, this plugin is rated as safe and very good.
7. Change Prefix Table Database
By default, when you install WordPress Database, your Prefix will be wp_table. You can change wp_ to another prefix to keep your database safe.
8. Install SSL for the website to use https protocol.
Currently, Google websites are required to have SSL certificates and Google appreciates websites with SSL. Not only that, when you use SSL, but your data in transit will also be encrypted, making it much safer.
9. Check files before using to upload to web, hosting.
Before you upload any files to your website or hosting, you need to consider and scan for viruses before uploading. On your local computer, you can install some virus-scanning software to scan files, the free software is also quite good.
10. Backup data periodically.
By default, all providers have periodic backups for your hosting. However, proactively backing up at your discretion and keeping it on a personal computer is still a matter of concern and implementation.
- Hotline 247: 028 888 24768 (Ext 0)
- Ticket/Email: You can use your email to register for the service and send it directly to: email@example.com
- Visit the AZDIGI website to refer to the best hosting/VPS service in Vietnam.