Securing WordPress is an important factor when you own and operate a site powered by WordPress! There are some simple (and not so simple) ways to ensure your site is more secure than not. The only way to make your website 100% completely hacker proof would mean you have to take your site offline… something that just defeats the purpose of having a website!
With that said, here are a few of the easy things you can do to make your site much safer and keep you safe from hackers:
1) Keep WordPress Up To Date!
See – nice and simple! First thing to do is back up your website. Once it is backed up, make sure your site is running the latest version of WordPress. To do this, log in to your WordPress Dashboard and click on “Update now” link when a new version is available. It will be at the top of the screen in a yellow highlighted area.
2) With WordPress Up to Date, Update Your Theme and Plugins!
WordPress is the whole framework, or architecture of your site. You certainly want that to be up to date. You also want to ensure you are running the most recent versions of each of your Themes and your Plugins.
3) Get Rid of Unused Plugins!
Speaking of plugins, only use what is necessary and only keep the ones you are using. A lot of people have deactivated plugins loaded on their site. Even though they are not active, they still can provide a vulnerability to your site. Simple rule here – if it is not active, delete it!
4) No Sissy Username or passwords… EVER!
Rule #1 here – do NOT use ‘admin’ as your username. EVER! Rule #2 – use a strong password – you know something that looks like this: LJ4ecnK%0MQGLFe Yes, it makes it more difficult to remember (or even next to impossible to remember). But that is the point! It is much more difficult to hack a password like that than a password like “qwerty12345′. Your password should include upper and lowercase letters, symbols, and numbers. My passwords are at least 15 characters! By the way… a strong username like “eOWqfYqh#R7xhxD” is a GREAT idea!
5) File Permissions
This is a little more techie – Set your file and directory permissions to what they should be. Most hacks are a result of files and directory permissions that are like leaving the front door wide open! For most cases, your file permissions should be set to 644 and your folders permission should be set to 755. If you do not know how to do this, get someone who does!
6) Back It All Up
Are you making backups? Are you storing them off your server? Are you taking them frequently enough? There are various ways to do that (check out this post, Another Post About Backing Up!) just make sure you ARE doing that. Do not leave it up to your hosting company!
There are more ways to make your site secure and this surely is not ALL the ways. At least it will get you started! A Secure WordPress site is a Happy WordPress site!