Getting your WordPress site secure is more important than you think! What I’m noticing all the time is that many site owners do not care about the security and that’s definitely not good. If you leave your site vulnerable to hack attacks, you’re risking to lose a valuable data and negatively affect your reputation. If you’re already hacked, you may end up losing leads and sales and sometimes the damage cannot be repaired.
Keeping your WordPress site secure is simple, just follow these 4 tips and you will strengthen the security and be protected from 90% of online threats.
Make Regular Backups
The golden rule is to keep your site backed up on a regular basis so if anything bad happens, you can always restore a previous backup or a backup from 2 months ago. If some newer content is not a part of that backup, you can always copy paste it from Google cache and restore the missing pages. I recommend to keep backup files on a few different locations. On your PC and laptop for instance, on a hosting server, cloud server, email storage space etc.. With backups, you can almost fully reduce the risk for your online investment.
Use Strong Admin Passwords
The majority of hack attacks are done with brute force method where software or a bot is trying to guess the admin password by using various character combinations. For instance, the bot will go to your WP Admin page, use “Admin” as a username and then circle through the list of words to try to find the password. In order to prevent the brute force attack, change your admin password at least once a month, use very long passwords with special characters and capital letters (for instance: KWj9!()md_+29!jkdk!@). What is also recommended is to rename the “Admin” username. You can generate a strong password at this URL: https://passwordsgenerator.net/
Stay Up to Date
WordPress is releasing updates on a regular basis. Updates includes core improvements and patches for security loopholes. In the WP dashboard whenever you see that new update is available, don’t wait, update it right away, it takes one-click only and no more then 10 seconds. Plugins and theme files also require to be updated from time to time. If your site is not updated in a long period of time, you may become an easy target.
Use Secure and Reliable Hosting
A hosting server that is properly configured is essential for a bulletproof security. Some hosting providers are automatically managing WordPress updates and have capabilities to prevent the majority of attacks. The only host I can recommend is the one I’m using for more then 8 years, webfaction.com.