Backing up your website is a great, proactive way to make sure that your website and content will always be available in the case of some kind of hacker or malicious attack. However, it is also just as important to prevent those attacks from happening in the first place.
There are several default settings in your WordPress site install that, if not taken care of, can cause serious breaches to your website’s security. A plugin like BetterWPSecurity will help mitigate many of those risks.
Watch this video on security:
Configure your website using the simple checklist provided by BetterWPSecurity.
Here’s the link for Better WP Security in the WordPress Repository.
In the middle part of 2013, there was a brute force attack on WordPress websites because of people’s tendency to leave default settings intact. These default settings include “admin” as the primary username, not deleting the Sample Page or “Hello World” post, and not updating plugins or old themes. One of the best things you can do to educate yourself about security risks is to read up on what has happened in the past, and how to avoid that in the future. This article does a great job explaining what happened in the most recent brute force attack on WordPress sites.
Here’s another helpful article from WordPress on Brute Force attacks.
Does this kind of thing scare you? Are you worried about your website? I think with this tutorial and installed backup, you are probably in some of the best shape possible for defending against attacks.