Read this article carefully if you are looking to secure your website especially if you're using WordPress, Joomla, or any other CMS .
Q. How do hackers hack my website !?
Hackers can use a weak point inside your control managment script , taking the advantage of an exploit to hack into your administrator panel, from inside your admin panel its easy to modify your website and uploading "Shell" file to take control over your website files and even to take control over your hosing server .
Taking control of your hosting server means all the websites hosted on the same server are in risk , because they could be hacked as the websites considered as files and folders on the server . A same method could an attacker use to hack your CMS website . Another way , hackers may hack directly into your hosting server , and as your website files are on the same server means your hacked , In this article i'm not writing about hacking servers as much as i will talk about how to secure your website specially your CMS .
Tips For Adding More Security To Your CSM
First To be honest with you , there is nothing called 100% security , even my website where your reading this article right now is not 100% secure. because there might be a 0day exploit .
However , there is several methods you can take or you can chose some of them to make your website secure up to 99% .
Chose another user name far from common login names "admin,administrator,root"
Chose a complex password example "2Apples@1MONKEY"
While installing your control managment system make sure to change the prefix of your database table's prefix , most common tables prefix name in joomla is "jos_" and word press is "wp_".