Over the last few months we have had many, many attempts to break into the site. This is a sign that we are growing, which is fantastic, but it also brings up the darker side of the internet. People all around the world try using a few different techniques to break through the firewall. The reason I bring this up is to help all those running a small business online to check for a few things to protect themselves, and to let all those who have been trying to hack our site know that we are watching and this is not the site for you!
First and foremost, check your user name. Hackers assume you have chosen something like Admin or the site name as your user name and they will try and try again to break the password and get in. Make sure you protect yourself by using a unique username and password.
Another way hackers are trying to get in is by using the extension /xmlrpc.php on your site address. Test this in your site and make sure that the xmlrpc is turned off and does not allow people to upload to your site. You can google /xmlrpc.php to get more information on protecting your site from this, however one easy way is to make sure you update your wordpress to the newest version.
I recommend getting a good security plugin to help protect your site. These can watch when you are not able to. They can notify you instantly when someone has tried to log in as an admin, and watch for malicious patterns from users.
Here is a great link for some more information on WordPress security
Overall, just stay diligent. If you are checking on your site, and its overall security regularly you can stop problems before they start!
Many Blessings!