Today I’m back with a new blog post about your WordPress website. Or blog. Whatever you want to call it.
In the past year we have received quite a handful of email from our clients concerning their website security and particulary how to keep their site secure.
We always respond back with this: “There are a few very simple things you can do to keep your website secure, much of which is just good practice as you build your blogging routine.”
But in all honesty this is true – there is nothing you can really do to guarantee your site is completely and totally secure, it is just an ongoing process.
There are a few things you can incorporate in your blogging routine to keep your WordPress sire secure:
KEEP EVERYTHING UP TO DATE
As a rule of thumb when dealing with WordPress, templates, child themes, plugins etc. the best thing to do regularly is to keep them updated.
The best order to do these things are:
1. Update your plugins
2. Update your themes
3. Update WordPress
CHOOSE THE BEST HOSTING YOU CAN AFFORD
There are so many websites that offer you a side to side comparison of all of the hosting companies out there. Security vulnerabilities often come from the host itself so you should choose a hosting company that has a tream in place that will take care of your issues in a timely manner.
I only use SiteGround because when I first started doing web design I didn’t knew anything about installing ANYTHING. They helped me with EVERYTHING and they even directed me to some really useful links that I still keep in my bookmarks folder.
BACK UP YOUR WEBSITE
It is always a good idea to take regular bakups of your site. I learned that the hard way. I use this plugin for my regular backups for my website and also for my clients.
DON’T USE ADMIN AS YOUR USERNAME
This I’ve seen so many times. Whenever I work with a client, I always ask for permission to change their main username for their WordPress site.
Never use admin or any other easily guessable name for that matter.
If you are a bit more experienced with WordPress there are plenty of plugins that you can install that will change your login URL from the basic “yourwebsite.com/wp-admin” to whatever secret URL you want (e.g. yourwebsite.com/my-secret-login-url)
CHANGE YOUR PASSWORD REGULARY
This one is the easiest one you can incorporate in your WordPress maintenance routine.
Make sure that each time you change it you use a good mixture of special characters, numbers and regular characters.
I had one client who wanted his password changed every single Monday morning. No exceptions 🙂
DELETE ANY THEMES YOU ARE NOT ACTIVELY USING
When installing new themes for your WordPress site, make sure the other ones that you don’t use are deleted or at least kept updated every time you get an update notification.
If you use a Divi child theme, don’t delete the DIVI template/theme. Even though is not “active” doesn’t mean it is not being used.
DELETE ANY PLUGINS YOU ARE NOT ACTIVELY USING
Same principal applies to plugins as well.
Plugins can create all sorts of issues if you are not actively updating them. One good rule of thumb is to remove (deactivate & delete) all of those plugins that you are not using.
You can always install it bak later if you ever need them, but good practice is to delete the ones that you are not using at the moment.
ONLY DOWNLOAD FROM KNOWN SOURCES
Whenever I need to download a plugin I always look at how many times the plugin has been downloaded, when it was last updated and if that particular plugin is compatible with the lastest version of WordPress.
MAKE SURE YOU ARE DELETING SPAMMY COMMENTS
Comments are one way for hackers to attach bad scripts into your website. Always delete those or marke them as SPAM. There are several plugins available for WordPress that are really good at filtering out spam comments. One of them is spam destroyer.
You can easily make these 9 things as a regular routine for your WordPress website.
There is no need to fear losing all of that hard work you have spent building your site.
If it seems overwhelming at the beginning, start with 2 things the first week and move up each week.