Although WordPress is generally a secure CMS, due to it’s massive popularity it’s often the target of attacks by spammers, hackers and robots alike. Securing your WordPress website to withstand the majority of attacks isn’t hard though. Although much more can be done to secure your site here are four very easy tips to ensure your site is well secured.
This seems like a no-brainer, however it’s one of the most common ways sites get hacked. We recommend you use at least 10 characters ( the more the better ), use at least one capital letter, use a symbol and use a number. So your password might look something like this – 1Pa$sword. However, it’s best not to be so obvious, try using non standard words but something you can still remember such as combining names of pets or family in an obscure fashion. For example, if you have a dog named bruce and a cat called felix try creating a password like this that you can remember: F3lixH8sBruce!. Ideally, your password would be a completely random set of numbers and characters… but who can remember that?
Don’t use ‘Admin’ for your Admin account
Admin is the standard username for WordPress accounts so it’s too easy to target for hack attempts. Simply change your admin username or create a new username and delete the admin account. On occasion, brute force attacks on websites work by assuming your username of the admin is ‘admin’… don’t let these attacks work on your website.
You’ll probably have a number of plugins installed on your website. Ensure these are up to date as quite often the updates are there to fix security flaws. Also, ensure you have the latest version of WordPress for the same reason. Before updating plugins have a read of the update details to ensure it wont break anything. Once you’ve done the update, ensure that everything is still working ok – just incase.
Backup, Backup, Backup
If you only do one thing for your WordPress security it would be backing it up. If your site does end up getting hacked, if you have a backup, you’ll be able to restore your site with relative ease. If you don’t have a backup, we’ll it could be very expensive to fix or completely unfixable. So, use a plugin like BackWPUp to ensure you’re backing up on a regular basis.