Think Your Little Website Is Immune to Hackers? Think Again.

As someone who provides ongoing WordPress Website Care and Maintenance, a few things have come to my attention in recent months.  The first is that there are three distinct types of WordPress website owners when it comes to security.  And the second is that people mistakenly think hackers are only targeting big brands, banks and government sites. So let’s talk a little bit about both.

Hackers Only Care About BIG IMPORTANT websites…NOT!

While it’s true that when I first began providing WordPress Website maintenance services I seldom received notifications of attempted logins for my clients, that’s no longer the case.  I provide services to a wide variety of clients from simple bloggers to online stores.  In the past three months all of them have had some sort of activity flagged by my security monitoring that indicated attempts to login or otherwise gain access to the website by unauthorized persons. All of them.

Just because you haven’t been hacked yet doesn’t mean someone isn’t out there trying.  That means that maintaining your WordPress website is more important than ever.  Which brings us to how owners of WordPress websites tend to react to website security.

The Three Types

As I said, after years of working with WordPress I’ve managed to interact with a lot of individuals who have their websites built on WordPress. When it comes to talking about security, they tend to fall into one of the following three types:

Type #1:  The Henny Penny

Remember Henny Penny?  She was the chick (literally..a chicken) in the children’s story who got bonked on the head by some little thing and proceeded to freak herself and everyone else she came in contact with out by proclaiming that the sky was falling.  And of course it wasn’t, but she did manage to get a bunch of her friends eaten by a fox with her false information.  The Henny Penny website owner hears about a security flaw in WordPress and proceeds to declare to everyone she knows that WordPress is unsafe.  She immediately starts looking for alternatives and lets everyone else she comes in contact with know she’s doing it because WordPress is ‘full of security holes’.  Which of course isn’t true.  WordPress is vigilant in finding and fixing security flaws and as long as you keep things up to date, the sky isn’t falling.  While security is definitely something you want to stay on top of (or hire someone else to do it for you), WordPress is not unsafe.

Type #2:  The Grasshopper

Keeping with the children’s story, we’ll call the second type The Grasshopper as in The Ant and the Grasshopper. They simply ignore the backend of their WordPress website.  If someone else has created their website for them, they may not ever even log into the Dashboard at all.  It’s not until their site gets hacked or hijacked do they even think about their website security.  Then they are in a panic. Many even blame WordPress when in fact it was their own lack of attention that caused the problem.  By the way, I find a large majority of WordPress website owners are Grasshoppers.

Type #3:  The Ant

With Type #2 being the Grasshopper, that would make Type #3 the Ant.  The Ant knows that staying secure requires a bit of work.  They either keep WordPress, themes and plugins updated or they hire someone to do it for them.  Really wise Ants like my clients, hire someone that also monitors for attempted logins and does ongoing security monitoring across the board.  Ants, sadly, are in the minority.

With today’s increasing number of brute force attacks and malware injections, being a Henny Penny or Grasshopper can spell disaster. No matter what kind of WordPress website owner you’ve been in the past, it’s never too late to become an Ant. Or hire one.


Tina Marie Hilton provides online technology services to forward thinking businesses. She writes on her Tips from T.Marie business blog to share insight and information with other small businesses and entrepreneurs. It also makes her feel like that certificate in creative writing isn't going to waste completely.


  1. wpbackupservice on June 3, 2014 at 3:34 pm

    I enjoyed the metaphors used in explaining WordPress Security and the three different types of users. I also found out while working on securing WordPress sites, that more end users keep their head in the sand and ignore security until they are hacked. Security starts at the installation and through the life of the site. Like you stated, its an ongoing process that needs daily attention to prevent the hacker from getting their way.