Over the last week WordPress sites worldwide have been attacked by hackers. So what? you may say. We all know hackers are busy 24/7 trying to cause havoc.
But this time it's a biggun. Apparently a botnet of tens of thousands of computers has been busily squirrelling away at any WP site using 'admin' as the login username.
Here's what the BBC's website has to say: 'The botnet targets WordPress users with the username "admin", trying thousands of possible passwords.
The attack began a week after WordPress beefed up its security with an optional two-step authentication log-in option.
The site currently powers 64m websites read by 371m people each month.
According to survey website W3Techs, around 17% of the world's websites are powered by WordPress.'
So your first step, therefore, is to change your username. Now.
(Any WP sites I set up, by the way, don't use 'admin' as the username. It's just too obvious.)
You should also update to the latest version of WordPress (remember to back up first!) and use the optional two-step authentication with a secret number. Yes, it's one more thing to remember but a darned sight easier than rebuilding your website.
Next, install a plugin such as Better WP Security.
I also recommend installing your website in a separate folder on your server rather than in the root folder. Just don't call the folder WordPress or Website!
If you want help beefing up the security on your site, please do get in touch with me so I can help you ward off hackers.