With so many security breaches happening to large organisations across the world there has never been a more important time to be vigilant in keeping your WordPress website secure.
We have put together a list of tips to keep your WordPress secure and more importantly the data inside.
Install a security plugin
Installing a security plugin is paramount. There are two front-runners that we use and recommend. This is based on personal preference, we will elaborate on each one and compare them in another post. But to get you started 100% installed either WordFence or iThemes Security – both have a free solution out of the box to keep your website safe immediately.
Change default login url
This will require a little bit of technical knowledge or if you use a security plugin such as iThemes security as mentioned above it can be super easy to do within the iThemes Security plugin.
Keep passwords secure
So many people use the same password for everything. Sadly hacking passwords is Childs play these days for hackers so tighten this up by simply using a service like LastPass to keep your safe travelling around the web.
Do not give unauthorised access
This one is a bit of an obvious one, but over the years when I was freelancing the number of website owners would dish out either their own admin login details or even better yet creating me as an admin! It’s lucky I have no bad intent but once I had finished the task in hand I often reminded them of the potential threat.
Install an SSL certificate
By installing an SSL certificate has a couple of main benefits. First of all, it will keep any data transmitted across your website i.e. forms safe and secure by encrypting the data. The second benefit to installing an SSL certificate is that it makes Google smile and will give you that little extra SEO power up.
Do NOT set your admin account with the username ‘admin’ and your password as ‘password’. Switch this out straight away with something obscure and make use of LastPass as mentioned above.
BACKUP! BACKUP! BACKUP!
You should always have some form of backup system in place. First of all, make sure you use a quality hosting service that does this by default. Alternatively, there are plenty of plugins that can run a job that will keep regular backups of your website if the worst happens!
Dont install dodgy plugins
Make sure you don’t install plugins from unauthorised vendors. We know the temptation is there if the plugin id free or cheap and is exactly what you are looking for. However, that free or cheap plugin could cost you a fortune down the line as more often than not they are not supported properly and could be riddled with security issues.
How can we help you?
If you are unsure or are concerned about your websites security or vulnerabilities get in touch with us and we will run a free no-obligation security check across your website advising if there are any glaring holes that could be compromised.
We hope this article helps and highlights some of the common issues that surround plenty of WordPress websites around the world.