WordPress is a popular platform for web development. Making WordPress Secure is a Must.
Below are Simple Methods to Protect Your Site from Hackers by making WordPress secure.
- Update WordPress – you’ll see a notice in your dashboard if WordPress has been updated so back up your site and click on update. These updates bring new features, fix bugs and clamp down on vulnerabilities.
- Keep your plugins updated – you’ll see a notice in your dashboard if any plugins that you use have updates, so back up your site and click on update. These updates bring new features, fix bugs and clamp down on vulnerabilities.
- Remove the admin login – So many website owners leave “admin”, as the default user ID, and just apply a password and think that they are safe. Think again! Using “admin” basically gives potential hackers half of what they need to get in through the login screen and into your website. Create a new user name with administrator rights, log in with the new ID and then delete the original “admin” account. Bots are hammering your website / blog 24/7. Don’t make it easy for them.
- Create a better password – iloveoldscifi can be easy to remember, but go another step forward and make it “1L0sc1f1!50s”. I use 1 for the i(s), 0 (zero) for the o, add a symbol like “!” and add a number. (I love campy old sci fi from the 50s becomes “1Lc0ldsc1f150s!”). Make it something that you can remember easily or use a password manager like Lastpass ($12 a year).
- Using a password manager allows you to use passwords like “Fkdyr0%673&k” while NEVER having to remember it yourself.
- Keep your computer’s operating system up to date and move up to the latest version of your preferred operating system as soon as you can. These updates also bring new features, bug fixes and help to clamp down on vulnerabilities.
- Run anti malware and anti virus protection on your computer on a regular basis. This will keep everything running smoothly from your computer to your website whether you are developing your site live, locally or use FTP. Employ a server-side scanning service as well.
- Update your themes as soon they become available. NOTE: Make sure that you are using a child theme so that you don’t lose all of your hard work when the parent theme is updated.
- Be careful with free themes. They may have hidden vulnerabilities and might not be updated often, if at all. I’ve never had a problem with themes listed on WordPress.org, but I check each one to see how many times it’s been downloaded, whether the developer continues to support it, etc. (The official WordPress Themes are a great place to start).