Securing WordPress
Here are some steps you can take to secure your WordPress website, protect it from getting hacked:
First of all, create backups. You can create daily or weekly backups to avoid a lot of data loss.
- You should check for updates regularly and update WordPress. You can also set WordPress to automatically update to the latest version. Also keep the plugins updated – Plugins are the most vulnerable therefore it is important to keep them updated and disable if a threat has been identified. Alternatively, only use the plugins which you need, you can disable all the plugins which are not required, this can also increase the performance of your website.
- Change your login details – The default username for WordPress is “admin” and most hackers will know this. You can also simply create a new admin user and delete the original one – This is done for extra security.
- Change the WordPress keys – It is very important that you do this because these work like “salt” for the cookies adding encryption and also ensuring performance. You can change your keys in the file “wp-config.php”. You can use the original WordPress ‘key generator’ to generate new keys for use. The generator can be found at “http://api.wordpress.org/secret-key/1.1/”.
- You can use the plugin “WP Security Scan”. This plugin is very useful and makes securing your website extremely easy and simple. It checks your website for any vulnerabilities and informs you if there is any malicious code found. There are scanners installed on our servers which check for these malicious scripts and automatically delete them. The plugin can be found at “http://wordpress.org/extend/plugins/wp-security-scan/”.
Note: There any many more steps which you can take to avoid your website from being compromised. Our staff can do this all for you to keep your website protected, simply open a ticket and one of our friendly staff will be able to do it all for you.