I have tried many hosting sites and security plugins and I am now learning Drupal just because of how unsafe WordPress seems to be. But many of my clients are not ready to leave WordPress and I host their website on a shared hosting server.
We’re always dealing with all sorts of hacking issues and I was wondering if there’s any training I can take or field I can look into to really learn how to deal with these and be more proactive. For instance this image shows a sample of hundreds of php injected files on the server.
I am looking for courses that can help me prevent these besides using Wordfence or Sucuri. Thanks!
For all intents and purposes, I am a designer-first website person with an understanding of HTML, CSS light JavaScript and very basic PHP (for now)
​
[ad_2]
I know this is out of reach for many, but here’s what my agency does, and we haven’t had a site hacked in years:
1. Custom built theme, built by an experienced developer (in-house).
2. Limit the number of plugins, and try to only use plugins from respected developers (Gravity Forms, Acf, yoast are typically all we use)
3. We have annoyingly complex passwords, and try to limit the number of user accounts to 2-3.
4. Decent hosting. I don’t know how much effect hosting has, but we’ve been lucky with Siteground and Kinsta.