There are many factors that play into keeping your Content Management System (CMS) and website secure from both brute force attacks as well as other intrusions such as file system and injection-based hacking.
Among the approaches that we use to keep your site secure, here are a few that can provide a baseline approach to securing your website:
- Use best practices to build the site (i.e. always sanitize all database inputs using properly prepared statements)
- Keeping software up to date (this includes both the WordPress CMS and its plugins)
- Limiting user access (limiting the fallout of a potential breach by implementing restrictions to prevent file system changes)
- Creating strong passwords for users (passwords that are computationally difficult to break)
At IQComputing we follow best practices when building every site to the greatest extent possible. Keeping your Content Management System and its plugins up to date is very important regardless of whether or not you are hosted with us. If you host your website with a third party provider, you are responsible for the updating and managing of all security aspects of your installation. With our managed hosting services, we can ensure that your WordPress CMS and any installed plugins will always stay up to date.
Hosting with IQComputing’s managed services comes with a few more extra benefits to keep your content management system secure. We install anti-spam plugins which will keep Spammers and Brute Force Bots from repeatedly attacking your website. This is most noticeable when you log into your website’s admin panel, (when you may see a captcha to help cut down on bots from trying to break your login). We employ other techniques such as lockout mechanisms to keep malicious users from repeatably guessing your username and password. After several unsuccessful attempts of a wrong username or password, the user will be locked out for a period of time. If you have mistakenly locked yourself out of your account, please contact us for assistance.