If Your School is Using WordPress as Its Web Site Creation Tool, You Need to Be Aware of This

Edu-cat-ion.blog (which is now accessible by logging on to edu-cat-ion.com) is built on one of the most popular platforms for Web site creation: WordPress.  There’s a good chance that your school may be using WordPress as well, since more and more companies and organizations are choosing it because of its easy-to-use interface.  It was, after all, created as a way to create great looking blogs, and then, as time passed, blogs morphed into full-blown Web sites.  The technology allows the user to create Posts (blog entries) or Pages which create the Web site.  Plugins and other customizations help to enhance the experience even further.

However, there’s one important thing you need to know before venturing into the wonderful world of WordPress on the World Wide Web: Pay attention to your Username.  It’s as important as a strong password.


The log in to your site’s control panel is simple.  It’s your URL/wp-admin.  In other words, just put a slash after your Web site’s address, and type in wp-admin.  A screen will come up that asks for a username and password.  While many know the importance of a strong password, some novices simply use the word “admin” for the site login.

That’s the absolute worst name you could choose.  It opens your Web site to being hacked.  And, make no mistake about this: If you have a Web site, someone somewhere is trying to hack it.

Choosing a simple, common username like “admin” might be easy to remember, but it’s one level of security that’s stripped away.  Just like a password, choose a username that makes sense and is easy to remember, but uses letters, numbers and special characters because, unlike a password, you are NOT able to change your username.

If you already have a Web site built on WordPress, consider downloading a plugin called “Limit Login Attempts.”  It will allow you to set lockouts from attempts to log in to your site from different IP addresses (that is, computers other than yours) should an incorrect username and/or password be used.  You can also select to have an email sent to you when such attempts occur, and opt to see the IP address of where the login attempt is coming from.  There are then tools available on the Web where you can enter that IP address and find its geo-location (that is, “Where in the World” these attempts are coming from).

As always, be sure to secure any of your Web activity with strong passwords that are difficult to guess but easy to remember by you, using a mix of upper and lower case letters, numbers and special characters, and change them frequently – at least every other month.  If you need help remembering your logins and passwords, consider using an app to help you (and yes, you’ll need a REALLY strong password for that one, since hackers know those are the places to find passwords.  Find them on your Apple or Play store.

Two more things:

1) Strongly consider using 2-step authentication.  Doing so sends a text to your phone or gives you a call to ensure you’re the one accessing the control panel of your site.

2) ALWAYS make sure your site is backed up, either by using a hosting plan that provides an automatic backup, or a plug-in that will back up your site.  This way, if someone does hack your site, you can revert to a saved edition of it prior to the hack.

Change that password, and make it a strong one!