AllanGiven973
I just discovered that certainly one of my older domains that we scarcely use anymore but nonetheless receives trickles of traffic from time to time with it a handful of affiliate sales per month have been hacked. All the files have been deleted, and what was worse was that whenever I investigated the site I discovered which i hadn't backed up the database in quite a while. Therefore I urge everyone to celebrate and recognize today as WordPress Safety Day beside me by following these 4 WordPress security tips.
Backup
I hadn't backed up that website which got hacked in well over a year. This is inexcusable considering there are many free plugins which allow you to schedule backups. I could not even look for a recent backup from my hosting provider whom I set the database up with, either.
I recommend that you use a backup plugin such as WP-DB-Backup. It is a free plugin and one of my favorite WordPress plugins for 2012 which while it was not updated in awhile it gets the job finished in that you can select the precise files which you wish to support and only create backups when needed or schedule these to be emailed to you once every hour, day, week, etc. so you are aware any time you've any issues (security or technical) with your site you'll have that backup.
You can even backup your website through your hosting/database provider and it is advisable because copying your database means copying all your posts, pages, plugins, and preferences. I suggest that you go ahead and backup all your sites now.
Update
I know it can be annoying to obtain bugged by WordPress to update to the latest version every week approximately, but WordPress updates are paramount towards the security of the site. Hackers are always looking for ways to compromise WordPress' security and discover a method to get into your site for their own amusement or gains, and that's why it's essential that you simply remain up to date with WordPress' updates as they create these updates partly to repair compromising errors and holes in their security that could be exploited.
Permissions
You need to limit the permissions for the various files and folders which will make your site whenever possible while still being able to operate and performance properly. You can alter the permissions to see, write (meaning read and write), and execute (which describes read, write, delete, change) your files and folders with regards to you, a group, or everyone. The less permissions you can allow, the more secure your website will be, but certain plugins which require use of certain files can't unless they've permission.
Password
Finally, remember to change your passwords from time to time. It is a good habit to get involved with recording your passwords for the login, database, etc. and updating them each month or so if possible. And you've probably heard this many, many times from anyone you retain passwords with, but avoid simple to crack identity related passwords. A good password is comprised of numbers, letters (upper case and lower), and symbols.
I recommend putting all of your WordPress login URLs of your various sites into one bookmarked folder inside your browser to be able to open all of them at the same time and don't forget to backup, update them, restrict your permissions, and change any passwords once a month, the ones which you rarely used anymore.
