Are WordPress Sites Secure?
It seems like almost every week, we are hearing about a cyber attack or data breach happening to a large company. Cybercriminals are smart and security threats are never-ending.
If you are building and maintaining your own website, how do you make sure that your site is safe & secure?
I am not a security expert, but I have done a great deal of research in wanting to understand how to protect my sites.
I’ve put this together for the beginner. For an in-depth list that requires technical abilities, check out this post on wpmudev.
Here are a few tips that will help you keep your website secure:
- Install all updates as soon as they are issued. As soon as a security breach is discovered, the hackers are already ahead of it. Updates & patches are released to prevent hackers from exploiting these known vulnerabilities.
- Use caution with plugins. Always check the reviews, the number of installs and recent updates before installing. Keep a master spreadsheet of all plugins that you use and check them when alerts are issued. Many of the threats to WordPress sites come from plugins.
- Get rid of the ‘admin’ username. By default, every WordPress install assigns the first username of ‘admin’. This gives hackers half of the information they need to access your site. Create a new admin with a unique username, then delete the old one.
- Consider a security plugin. I like WordFence and have it installed on all my sites. The free version is sufficient for most users, the paid version is reasonably priced.
- Be careful where you host. Choose a strong and reputable hosting company if you are not using your own server (advanced).
- Delete any themes and plugins that you are not using.
- Keep your computer up to date. Make sure you are using antivirus protection and a firewall.
- Avoid using free themes.
- Consider two-factor authorization for admin access.
These are a few things that a beginner can easily do to protect their website. As your experience with WordPress advances, you can look at some more advanced options. If you have any additional things that you do to protect your site, please leave a comment.
I would love to help you with your WordPress website. To receive occasional tips & tricks enter your information below. Don’t worry, I hate spam and won’t blast you with it.