• Skip to main content
  • Skip to primary sidebar

Digital Maestro

Harmonizing Your Online Strategy

  • Home
  • About
  • Work With Us
    • Coaching
      • One-on-One Coaching
    • Services
      • Set Up Services
      • Website Maintenance
  • Products
    • WPICA
    • WP Security Help
  • Blog
    • Affiliate Marketing
    • Plugins
    • Business
  • Resources
    • Registrar
    • Hosting
  • Contact

Jun 10 2012

6 Easy Steps to Secure WordPress

WordPress_SecuritySecuring WordPress is an important factor when you own and operate a site powered by WordPress! There are some simple (and not so simple) ways to ensure your site is more secure than not. The only way to make your website 100% completely hacker proof would mean you have to take your site offline… something that just defeats the purpose of having a website!

With that said, here are a few of the easy things you can do to make your site much safer and keep you safe from hackers:

1) Keep WordPress Up To Date!
See – nice and simple! First thing to do is back up your website. Once it is backed up, make sure your site is running the latest version of WordPress. To do this, log in to your WordPress Dashboard and click on “Update now” link when a new version is available. It will be at the top of the screen in a yellow highlighted area.

2) With WordPress Up to Date, Update Your Theme and Plugins!
WordPress is the whole framework, or architecture of your site. You certainly want that to be up to date. You also want to ensure you are running the most recent versions of each of your Themes and your Plugins.

3) Get Rid of Unused Plugins!
Speaking of plugins, only use what is necessary and only keep the ones you are using. A lot of people have deactivated plugins loaded on their site. Even though they are not active, they still can provide a vulnerability to your site. Simple rule here – if it is not active, delete it!

4) No Sissy Username or passwords… EVER!
Rule #1 here – do NOT use ‘admin’ as your username. EVER!  Rule #2 – use a strong password – you know something that looks like this: LJ4ecnK%0MQGLFe Yes, it makes it more difficult to remember (or even next to impossible to remember). But that is the point! It is much more difficult to hack a password like that than a password like “qwerty12345′. Your password should include upper and lowercase letters, symbols, and numbers. My passwords are at least 15 characters! By the way… a strong username like “eOWqfYqh#R7xhxD” is a GREAT idea!

5) File Permissions
This is a little more techie – Set your file and directory permissions to what they should be. Most hacks are a result of files and directory permissions that are like leaving the front door wide open! For most cases, your file permissions should be set to 644 and your folders permission should be set to 755. If you do not know how to do this, get someone who does!

6) Back It All Up
Are you making backups? Are you storing them off your server? Are you taking them frequently enough? There are various ways to do that (check out this post, Another Post About Backing Up!) just make sure you ARE doing that. Do not leave it up to your hosting company!

There are more ways to make your site secure and this surely is not ALL the ways. At least it will get you started! A Secure WordPress site is a Happy WordPress site!

Written by Paul · Categorized: General

Reader Interactions

Comments

  1. pat says

    June 11, 2012 at 3:32 am

    Thanks for the helpful hints Paul. As a non techie I was not aware of the file and folder permission info you gave here and will check with my web helper about them.

    Reply
    • Paul says

      June 11, 2012 at 10:34 am

      Make sure you put them to use, Pat! Better safe than sorry!

      Reply
  2. RAAckerman @ Cerebrations.biz says

    June 11, 2012 at 8:22 am

    It’s amazing how the simple precautions save so much effort later. Another is when clients don’t back up their computers- until they need that already done.

    Reply
    • Paul says

      June 16, 2012 at 9:28 pm

      I think most people only do that once, Roy! Well, at least I hope it is at most, once!

      Reply
  3. Sharon O'Day says

    June 11, 2012 at 10:34 pm

    Paul, after updating WP recently, I saw my security plugin was outdated so I innocently updated it. Well … even the plugin developer didn’t realize the updated version was incompatible with the new WP. What a mess! And thank goodness for a super web support team in the wings! I had never thought of updating plugins as risky business … but sure learned my lesson.

    Reply
    • Paul says

      June 16, 2012 at 9:27 pm

      I cannot preach enough about the importance of regular backups! Before I update and plugins or WordPress itself, I take a backup! I hope you do the same, Sharon (and everyone else!)

      Glad your support team was available! Whew! That was a close call!

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

UpCity: Best of New Jersey

UpCity Best of New Jersey

Proud Member

Recent Posts

  • Voice Search and Local SEO: The Shift You Can’t Afford to Ignore
  • The Local Business Owner’s Guide to Holiday Promotions That Work
  • 7 Holiday Marketing Mistakes That Can Cost Your Local Business (and How to Avoid Them)
  • How Small Businesses Can Compete With Big Brands in the New Year
  • Holiday Marketing on a Budget: Creative Ideas That Don’t Break the Bank

WordPress Topics

  • Affiliate Marketing
  • Blogging Category
  • Business Building
  • Coaching Category
  • General
  • List Building
  • Marketing
  • Plugins
  • Resources
  • SEO
  • Services
  • Social Media
  • Themes
  • Traffic
  • Uncategorized
  • Video Subscription
  • Webinar
  • WordPress Online Strategy

Missinglettr

Copyright © 2025 · Digital Maestro · Disclaimer · Privacy Policy · Terms of Service · Accessibility · Stay Awesome!