Update your WordPress Site
WordPress is built on open source code and is constantly updated for all the right reasons. So when your WordPress website is built you should keep the code up to date. Something so simple can have a big impact on site security. WordPress does prompt you to update but please consider whether you have plugins installed or if you have customised your WordPress templates in any way before you update as there can be consequences
It’s good practice to make a backup before updating the site. The important thing is that you are on top of it. Information about any security holes that were fixed from the previous version of WordPress are now available online to the general public, which means an out of date site is all the more susceptible to attack.
Keep plugins and themes up-to-date.
Just as you update the WordPress Core regularly, you should also update plugins and themes. Each plugin and theme installed on your site is like a backdoor into your site’s administration centre. Unless properly secured plugins and themes are like an open invite the wrong people. Delete any plugins or themes no longer in use. If you’re not using them, you’re not going to want to update them, so it’s a much better idea to delete them.
Only download plugins and themes from well-known sources. When you can, downloading plugins and themes from WordPress.org is actually your best bet since they will have been thoroughly scanned before being admissible to the Theme Directory or Plugin Directory. If you want a premium theme or plugin, only download them from reputable sources like Themeforest or from a highly respected developer’s website.
Don’t use “admin” as a username. Change your password often and make it a strong one. Random combinations of letters and numbers are best. Some useful tools you can use include Norton Password Generator or Strong Password Generator.
Make sure all your users generate strong passwords or else all your efforts will be wasted.
Install a firewall on your computer, once installed it offers another layer of protection from hackers and security breaches. Remember it’s not just your site that allows uninvited guests; it’s also the computers you use to access your site. Firewall software providers include Norton Internet Security and Avast
Limit logins. There are plugins that allow you to limit the number of times a person from a specific IP can attempt to login within an allotted period of time. The user is restricted from attempting to login again for a given period of time. Login LockDown is great for offering this feature but other plugins that offer a whole set of security features often include login limiting like iThemes Security. This is a good way of preventing ‘brute force’ hack attempts.
Limit user access. Do not grant too many people access. A good rule of thumb is to only grant access to those who absolutely need it and even then, only give them the bare minimum of permissions to do what they need to do. Giving everybody admin access to your site is running a real risk for your site.
Backup your site on a regular, scheduled basis. Scheduled backups are an essential part of any site’s security because if your site is hacked then you’ll be able to restore it to a version prior to the damage with ease.
Some automated solutions include VaultPress, BlogVault, BackupBuddy, or WordPress Backup to Dropbox for simple backups and with built-in restore options.
These points are just some of the simpler actions you can take to protect your site, it’s your property after all and we tend to have car and house alarms to protect them so why would we leave our websites open to attack.
In a lot of cases you may not have the knowledge to perform some of these actions so ask your agency/consultancy if they provide the service so that you can get on with do what you do best – running your business
Packages to suit all budgets
We only provide best advice for you and your business not advice that helps us to get you to spend as much money as possible with us.