Title: go simple Last modified: November 12, 2018 --- # go simple * [ketanco](https://wordpress.org/support/users/ketanco/) * (@ketanco) * [7 years, 6 months ago](https://wordpress.org/support/topic/go-simple/) * i am really sick of hacks or having to keep backups or site maintenance bla bla… i am thinking about going as simple as possible as far as the theme i am using, which can be the 2016 2017 2018 etc… things like that. and i dont care much about apperance anymore. my content is good enough, and site name somewhat established * question 1) now if i do that, all i need to do is to install a theme like i mentioned above and in case anything happens, i just delete all files and upload the same theme back from here, and, all i must keep is my picture files, under uploads folder, so that is the only folder i pay attention to and it is the only folder that i must save correct? am i missing anything? * question 2) and as far as plugins i will be as simple as possible again, such as only akismet and wordfence. can you think of anything else very essential like this? * question 3) my database has a very strong password so unless they can break it they have no way of hacking database and so when hacking occurs it should be the files and folders but not the database correct? Viewing 1 replies (of 1 total) * [George Appiah](https://wordpress.org/support/users/gappiah/) * (@gappiah) * [7 years, 6 months ago](https://wordpress.org/support/topic/go-simple/#post-10870650) * Hello ketanco, * _— TL;DR: See this link on how to protect your WordPress site: [https://codex.wordpress.org/Hardening\_WordPress](https://codex.wordpress.org/Hardening_WordPress)— * I’m sorry but I’m going to be frank with you here: if you’re **tired of keeping backups and maintaining your site**, then… 1. You should pay someone to manage your site for you so you never have to deal with it… OR 2. You should embrace the fact that your site will sooner or later be hacked and you’ll lose everything… OR 3. You should not even run a website, to begin with * Alternatively, if you don’t need all the power of a DIY CMS like WordPress, you should switch to [WordPress.com](https://www.wordpress.com) or to a hosted static site builder like [Squarespace](https://www.squarespace.com/) or [Solo Build It](https://www.sitesell.com/solobuildit.html) or even [Wix](https://www.wix.com) (cough!) * > question 1) now if i do that, all i need to do is to install a theme like i > mentioned above and in case anything happens, i just delete all files and upload > the same theme back from here, and, all i must keep is my picture files, under > uploads folder, so that is the only folder i pay attention to and it is the > only folder that i must save correct? am i missing anything? * No. * Malware can be injected into your site’s database… and this will continue to work even if you delete the entire WordPress installation folder and reinstall everything from scratch (while using the compromised database). * That’s why I find it very troubling when you say you’re tired of maintaining backups… something you can do 100% automatically and 100% free. * > question 2) and as far as plugins i will be as simple as possible again, such > as only akismet and wordfence. can you think of anything else very essential > like this? * Well, that depends entirely on your use case. * For me, the automated nightly back is essential… so that should my site ever get hacked, I can easily restore a pristine version of the site with a few clicks. * But it appears you don’t want to even do backups at anymore 🙂 * **On several sites I run myself or manage for clients, I have over 20 plugins running.** * And I’ve used WordPress longer than WordPress even existed (started with b2/cafelog which became WordPress). * But I’ve not had a single site compromised before. * > question 3) my database has a very strong password so unless they can break > it they have no way of hacking database and so when hacking occurs it should > be the files and folders but not the database correct? * Breaking the password is just one of several ways… and not even a common way… of compromising a site’s database. * The most common way is SQL injection attack, wherein an attacker takes advantage of some other vulnerability to send malicious commands to your database server( oversimplification!). * Also, a vulnerability in any file in your WordPress site — whether it’s a theme file, plugin file, WordPress itself… or even a vulnerability in the underlying server that the site sits on… can be leveraged to launch a successful attack. * And when you have crossed all your I’s and dotted all your T’s, a third-party service… your email, social media, or even ads appearing on your site… can be hacked and used as an entry point into your website. Viewing 1 replies (of 1 total) The topic ‘go simple’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 1 reply * 2 participants * Last reply from: [George Appiah](https://wordpress.org/support/users/gappiah/) * Last activity: [7 years, 6 months ago](https://wordpress.org/support/topic/go-simple/#post-10870650) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics