Is your WordPress site secure? Do you know how to keep it safe from things like hackers and malware? Alison from Tiny Blue Orange works on WordPress sites everyday, and WordPress security is her first priority. In this episode, Alison shares easy ways to keep your WordPress site safe and secure.
EASY WAYS TO KEEP YOUR WORDPRESS SITE SECURE
- The security aspect of her business started when one of her early clients lost everything due to a security risk.
- Yes, there are bots and hackers, but technology fails sometimes, too. You have to safeguard your site from all these risks.
- Alison uses and teaches WP but the concepts apply to all websites.
- Brute force attacks: they try combinations of usernames and passwords over and over. Your site can be hacked by these attacks, or your site can go down simply due to the number of attempts.
- #anythingbutadmin – don’t use the admin username. This is one of the easiest ways to keep your WordPress site secure.
- If you work somewhere with a shared wifi, use a password vault.
- WP updates: Letting WP and plugins get out of date puts you at risk so keep them updated.
- You don’t need to collect themes, especially the default themes. Get rid of only the ones you are actively using right now.
- When you are on shared hosting, which most bloggers use, a hacker might get into a server and hack into every website on that server. It has nothing to do with the size of your blog.
- Site owners should be running backups, even if our hosting company does it.
- When installing plugins, check to see when it was last updated and how many successful installs it’s had.
- When other people are accessing your site, you need to be extra diligent about security risks. If you do decide to share your username and password, send each piece separately. However, WP makes it so easy to add new users and giving them their own username and password.
- The white screen of death: a white screen where your website once was. You have to go into your file manager on your hosting plan, navigate to your plugins folder, and rename the folder. This “deactivates” the plugins, which is typically the issue. Log into your site and reactivate one plugin at a time to see which one is the issue.
- Schedule spring cleaning of your site, including pages, plugins, themes, etc.
- Take Alison’s free security quiz to assess your website’s security HERE
- Got questions about hosting? Alison has a free hosting guide to help you out. Click HERE.
- How many themes do you really need? They’re not collectibles.
- Backup recommendations: BackWPup & Backup Buddy
- Hosting recommendations: HostMonster, Bluehost, and FlyWheel (her personal favorite)
Get updates on new episodes, upcoming Blog Fuel Intensives, and valuable monthly newsletters from Erin & Kirsten!