1. Use strong usernames and passwords
This is the best form of security for your site. Most people just use admin as the username, as its the default when installing WordPress.
If you change the default username to something more secure you’ll make the brute-force attacks on the site harder to crack.
As for the password, again don’t use your default password make sure it always contains upper and lower case letters, numbers and a few special characters e.g: W0rdPR£55 – obviously don’t use this one, try to keep it as random as possible and just keep a txt file on your computer with the login details if you ever forget them.
2. Change the admin url
We use a plugin to hide the WP Login Screen. This is a great little plugin, and stops the annoying crawlers from auto filling in the login form and trying to break the site.
3. Delete themes and plugins that are not being used
If the theme or plugin isn’t being used then remove it, simple as that. These will need up dates in the future, and if there on your WP install even if deactivated they can be used to access the site and allow hackers to get it.
Plus they take up available space on the server.
4. Keep everything up to date
If you’ve ever used a WordPress site before, you’ll know there seems to be a new version or update to WP or the plugins every minute of the day. Even more so when WP get a up date.
As tedious as these updates are, they need to be done. You can be sure that if the developers have found a security loop, then so have the hackers who what your site.
5. Install a security plugin
With plugins like WordFence & Sucuri your site will start up to the constant attacks being made to WordPress website.
With multiple ways of configuring the plugins, from monitoring attempted logins per hour to email notices of what needs to be up dated and when.
These plugin are invaluable to keeping your installation secure.
6. Back up, back up, back up.
I know the title is 5 tips for keeping your WordPress website secure, but we at create and deploy can never stress enough about backing up your site. Whether that be daily, monthly, yearly or just when you update your site it needs to be done. God forbid your site gets hacked, how are you to ever get your data back.
There are loads of back up plugins, free or paid they all do one thing, back your site up. Just as long as you get to download the file for your library or store it on a cloud based system. With over 30 years of experience in creating websites in hertfordshire, we have the knowledge to keep your WordPress website secure and protected.