WordPress Security

As a WordPress Website owner, how much do you know about the security of your site?

There are 6 points that you should focus on to maintain solid WordPress security.  

  1. Mistake #1 – Never use “Admin”. WordPress gives you a default “Admin” Username and Password. You need to change this immediately, focusing on a Password that is difficult to break. It should include numbers, random capital letters, and characters like exclamation points. Once you decide on a Username, delete the default “Admin”. Here’s a fun little website to check the strength of your password. It may surprise you! https://howsecureismypassword.net/ 
  2. Keep up with the updates! Installing the WordPress updates will help fix any weaknesses that hackers might have discovered. Regularly updating WordPress will keep your site safer. WurkHub backs up and updates our Websites every week. For customers that have daily changes to their site, we would advise updating daily. WordPress is very good at telling you which plugins need to be updated. If you have Admin access, go to your dashboard and see if updates are needed. Make sure to backup your site first.
  3. Get rid of the bloat. Many Websites come pre-installed with a number of themes and plugins. Get rid of any plugins, themes, and Usernames you don’t need. The less accounts you have associated with your Website, the safer your site will be. If you don’t need it – delete it! This also has the secondary benefit of helping to speed up page load times for your WordPress site.
  4. Install a WordPress security plugin. While we just recommended getting rid of unnecessary plugins, one plugin you DO need is a security plugin. There are several out there to choose from, including Wordfence, iThemes, and Securi. Some allow you to ban IPs, individually or from a series. Others allow you to ban logins like “Admin” or “1234”. These plugins also give you a report of login attempts and lists of IPs that are trying to log into your site.
  5. Add a secret login page. Everyone knows that to log in to your WordPress Website, after your domain name, you enter /wp-admin. To make it difficult for hackers to find your login page, you can install a plugin to add a secret login page. The new login can be names anything you want, like /KingOfTheWorld or /MySecretLogin. Your secret page can be customized with your logo and background. Any opportunity thwart hackers is one extra step to add security to your Website. 
  6. Back up, back up, back up! If you do get hacked, you might lose everything, including your business, so regularly backing up your WordPress site is an absolute imperative. A little foresight goes a long way. Make a regular schedule and put it on your calendar. 

WurkHub can help you with all the steps you need to maintain a secure Website and hosting. Give us a call today to find out how our team can help your team succeed. 262-207-4828