WordPress is one of the most popular platforms for blogs and websites. It comes with countless plugins and themes for you to choose from which makes it incredibly easy to customise and make your own.
However, like many other popular platforms, it is also prone to hacking.
There are simple steps you can take to keep your site secure, and I’ve covered some of the basics below in a quick and simple checklist.
1. Secure your log in
Install a lock-down plugin such as iThemes Security or Sucuri to prevent hackers from logging into your site. These limit the number of login attempts from an IP range within a certain timeframe and also helps to prevent your site against brute force attack.
2. Use strong usernames & passwords
It is wise to change all usernames from ‘admin’ or ‘administrator’ or your own name or email address as they are too obvious and easy to guess. Create usernames and password that contain lots of letters, numbers and symbols. Change your password frequently.
3. Manage your user accounts
If you have a VA, a designer or a blog manager/editor who need to access your site for various reasons, ensure you create an individual user account for each person (following the principles in point 2). Never give your own username or password to someone else.
4. Back up your site regularly
I can’t stress enough how important this is. If your site is hacked and all hell breaks loose you can easily restore your site with a recent back up file. Install a simple back-up plugin and change the settings so that you run a backup at least weekly or fortnightly. Here’s a tip – check that there’s not too many copies of your back up files being stored on your site, or you’ll end up creating back-ups of back-ups and the size of your website becomes HUGE in no time.
5. Keep your plugins up to date
Plugins are always being updated by developers to overcome potential bugs and security threats, so it’s really important to keep your plugins up to date. Be sure to use plugins only from reputable sources, it pays to do a little research before installing anything on your WordPress site. Some plugins are not compatible with certain themes so its wise to check before installing anything. Uninstall any plugins that you no longer use. And remember the golden rule … ALWAYS do a fresh back up before you update anything!
6. Use a reputable theme
There are literally thousands of WordPress themes out there that are free or cheap to use. The thing is, not all themes are safe to use. When looking for themes, search within the WordPress theme repository – all of these themes are checked by the WordPress team, so they are safe to use. There are also other sites such as Themeforest or premium sites such as Genesis, Bluchic or Elegant Themes just to name a few.
These themes are well-supported by the developers and have great support communities and knowledge bases to help you.
There are more advanced ways to keep your website secure, and if you’re running an online store then you really must pay closer attention to your website security not only for your customers protection, but to protect your business as well.
Over to you …
Be sure to check your website security as soon as possible and get some of these security measures in place. If you’d like to know more about this here’s some more tips from Copyblogger on keeping your site secure.