I am starting a WP (WordPress) blog and I am wondering if someone who has run one at large scale has some tips for me?
I hear WP can be hacked really easy, is this true? What do you do to prevent against it?
What are some challenges of running a large scale WP site?
comments are major problem for sure.
you need to keep the software and plugins updated.
could be hacked. IMO all php sites are more likely to get hacked, but then again there are measures to minimize the risks.
I wouldn’t say Wordpress can be hacked really easily. But Wordpress is a natural “first choice” for cybercriminals because (1) of the number of sites it’s on and (2) the fact that a lot of people who install Wordpress don’t update it on a regular basis.
Assuming you’re committed to updating the core Wordpress software as soon as a bugfix is available, you should also be running some sort of website firewall to stop any malicious requests. And your “admin” area should be further protected with a SSL certificate too. Of course, it goes without saying that you need secure usernames/passwords too.
Wordpress is notorious for being inefficient, particularly due to the large number of database queries it executes for every page request. The workaround for this is usually to implement some sort of caching, for which there are a number of plugins available. If you’re expecting a decent amount of traffic, you’ll obviously need a hosting provider that’s not at the “cheap” end of the market.