11 Crucial Things to Do to Keep Your Wordpress Website Secure
One of the key pillars of your Wordpress website security is to use a secure hosting service. No matter how secure your website is if your hosting fails to deliver the proper level of security your website is under the risk of being hacked. A great hosting service takes the security seriously and protects your website with Application Firewall, DoS & DDoS Attack Protection, Daily Malware Scan and other security solutions. And they make sure they are running secure, stable versions of their web servers.
Besides daily security scans they back up your website daily. This way, even if anything unwanted would happen to your website, thankfully to the daily backups your website can be restored. Don't worry! If you keep your website secure and use a trustworthy secure hosting service this issue almost never happen.
It's worth paying more for a secure hosting service and having the peace of mind that your website is safe then going for a cheap hosting and get stressed out in case your website gets hacked. Also hiring a developer to fix and restore a hacked website usually cost more then the price of 3-5 years of secure hosting.
I use, love and always recommend WPX Hosting
for WordPress websites. ( Use the following discount code and get 40% OFF the first month: 47LINKS )
2) Use strong password and keep it safe
It's regular that people use easy to remember passwords (their name, date of birth, their cat’s name, etc.), this is bad practice as these passwords beside being easy to remember are easy to figure out. This is one of the ways websites get hacked! Pick a strong password that is a mixture of small letters, capital letters, numbers and at least 10 character long (e.g. TRkWp8X6sx) to keep your Wordpress website secure.
A lot of people use the same password on multiple websites, because it's convenient. This convenience brings a level of risk with itself. If one of those website gets hacked the hackers can easily get access to the other websites you use with the same password. Always use different and strong passwords on every website.
Don't tell your password to anyone. And please don't write it on a post it and stick it on your screen!!! Keep it to yourself safe and secure.
Change your password at least once a year to increase security.
3) Install Wordfence Security plugin for WordPress
Wordfence is the most popular WordPress security plugin with over 22 million downloads. And it’s 100% free!
It’s powered by the constantly updated Threat Defence Feed, and their Web Application Firewall will protect you from getting hacked.
4) Keep WordPress up-to-date
Another key pillar of security is to keep your Wordpress website up to date. Things on the Internet are changing fast, and the guys at Wordpress work hard to keep up with this and release security updates for the system, making this way your website and the internet a more secure place. At least once a month (recommended twice a month) update your Wordpress to avoid your website being hacked.
Before you do the update don't forget to do a backup of your website. Most of the time the update goes smoothly, and on those rare occasions when something goes wrong you can use the backup to revert back to a working version of your website.
5) Keep plugins and themes up-to-date
Just like your Wordpress website the plugins and the themes within your website are need to be updated at least once a month (recommended twice a month) to keep your website safe and secure. And for the peace of mind do a backup before you click on updating your plugins and themes.