It was pointed out to me recently that we’ve been pretty discriminatory here on the blog recently, assuming that people want to avoid getting hacked. What about the people who *want* to be hacked? Maybe you’re interested in hearing about the political leanings of web savvy (and morally undeveloped) youth. Maybe you enjoy the thrill of the chase in figuring out how a hacker got in. Maybe you’re just lazy. Whatever the case, here are 5 steps you can take today (or just not worry about fixing) to put yourself at risk:
After all, updates can break your site, right? Just ignore them. Plugin updates, theme updates, core updates. Heck – even updates to your FTP client or operating system – they can all wait.
This theme has encrypted code in the footer to prevent the author’s “Real Estate Miami” link from being removed? That’s a sign of professionalism and quality. Use it.
No one is going to guess that your password is “Password”. Maybe “123456″ is just the password you always use so you can remember it. What are the odds that somebody is going to check your little corner of the web and try the password?
Reseller hosting is for suckers, and anything more than $10/month for hosting is highway robbery. Having all of your sites accessible via one FTP login is so convenient it’s worth the risk.
Logically, this won’t make you less secure. But according to logic, the toast you drop in the morning should land butter side up 50% of the time. We all know it’s butter down every. Single. Time. Somehow, a site without backups is just more likely to get hacked.
Yes, this is all terrible advice. Over the next week or so, we’ll be putting out a post on each one of these topics – why they’re a problem, and what you can do to solve them – so check back! In the meantime, I’d love to hear more tips on how people (inadvertently) make their sites less secure – share in the comments!
Yikes. I have been pretty lazy with those updates, and totally oblivious to the fact that I could be creating trouble for myself! I’m such a complete novice, that I avoid those updates because it takes active (technological) brain cells, on my part. You have helped me so much with your posts and with blogging 101. Please keep it up.
~ Carolyn
This is indeed terrible advice- i will make sure not to follow any of it – thanks!
Lol! I love the sarcasm in this post!
Know what NOT to do can be just as important as what to do!
Here are 2 related tips to help get your account hacked:
1. Give out your username and passwords. After all, if someone is going to work on your site for you, they need access. Sometimes it just takes too long to add a new user.
2. OK – Heaven forbid you actually DO create a new account for a contractor, you might as well leave that account active long after the work is complete. After all, you never know if you will use that person again in the future! It is too much work to have to recreate an account a second time.
Thanks for the post!
Paul.
hi peter, im one of your client, so if you had any reference, regarding wordpress templates, which of the sites that we can download the wp templates that is the safest from hacker ?
do you have any reference site?
Ok , i’ll change my password from 123456 to 654321
Useful post , Thank you
August 13, 2012
Haha Peter, Awesome advice…. ….not!
)