WordPress.org is by far the most popular open source tool available, covering 26% of the web. There is approximately 76.5 million WordPress.com blogs, and so there are more and more hackers trying to hack it. WordPress is pretty good with security but not bulletproof.
Let’s take some simple steps to secure our WordPress website:
1: Don’t use the ‘admin’ username!
It was standard many years ago by default and hackers know this and will target this username. We recommend not even using the website domain name or any name which relates easily with the website. Instead try something that is difficult to guess, which will make it more difficult to hack.
2: Create A Secure Password:
We know the pain to remember all the passwords but hackers know our weakness too. Do not use anything that is easy to remember such as your kid’s names, or pets, or something like 1234. Also do not use the same password for each account. Use strong password Try this if you cannot think of one: https://identitysafe.norton.com/password-generator/# This will ensure your passwords are random and are extremely difficult to crack.
3: Keep your WordPress Up to date:
The battle against hackers is a never ending one. WordPress often releases security updates to keep up with new hacking techniques and technology: don’t forget to keep your WordPress updated.
4: Update Plugins and Themes:
It is recommended to use as few plugins as possible, and check their reputation and reviews before you install them. Same goes for themes, but delete the plugins/themes which are not in use. Don’t forget to keep your plugins and themes up to date, they may have important security patches.
5: Back up regularly:
Yup, despite all your efforts things get out of hand. Keep regular backup, in case of a hack, you can roll back to your back up. There are many plugins for backups but we recommend managed WordPress hosting, they usually have automatic regular back ups.
6: What plugins to use to secure all of this:
Try Sucuri, its paid but they are industry leaders for a reason. If you have a small budget and don’t want to purchase a plugin, we recommend a combination of Wordfence and Ithemes security.
7: Reliable Hosting
This is very important and more over companies like WP-Engine can do most of the security for you and will un-hack your website in case of emergency. It’s just a tiny bit expensive but it’s worth it in the long run, saving you from headache and wasted time.
The steps to protect WordPress are endless and can be technical too, but if you follow these simple steps it will take your WP security to the next level. It will ensure that you don’t lose any business due to a hacked website.
If you have any questions about website security or if you’ve been hacked and you don’t know what to do, give us a call or email us at firstname.lastname@example.org