WordPress is used by millions of people worldwide to power their blogs, websites and ecommerce platforms. The benefits of this are that there is a huge user base, and an active support community.
The chances are that you know somebody who can help you with your WordPress site, as it is so widespread and used by so many developers in the industry.
However, the widespread use of WordPress makes it a high profile target for hackers, scammers and all the other nasty elements of the internet.
But, there are a number of things you can do to improve the security of your site, and make the hacker move on to less well protected sites.
Use a strong password
Yes, I know, you hear this all the time, but you would be amazed how many accounts we come across that have very, very weak passwords. This article here shows us that the most popular password of 2015 was “123456”, followed by the old favourite “password” at number two.
We recommend generating a strong password using a site such as strongpasswordgenerator.com/.
Now, it’s tricky to memorise a password like “I4rtxtLqv7/nK+U”, so we recommend that you use a password wallet, such as Keypass. This allows you to store all of your passwords securely in one place.
The key wallet has one master password to open it, which again should be secure but memorable. Phrases are a good idea for this, something like “TheBlueMonkeyAte3houses!?” is secure and easy to remember.
There’s an article here that goes into passwords in more detail with some good tips.
Update your website regularly
WordPress release updates to their platform regularly to fix security issues and exploits that hackers use to gain control of your site. Themes and plugins are also updated for the same reason. You should avoid, where possible, old plugins and themes that are no longer updated by the developer.
Before you update you WodrPress install, your plugins, or your themes, we recommend making a backup of your site and it’s database. There are plugins available that can automate this process for you, or it is relatively simple to do yourself via ftp and through cPanel or Plesk.
The backup is important in case something goes wrong, which it very rarely does, but it’s best to be prepared.
Avoid running all of the updates at the same time, and instead run them one by one, checking that your site is still functioning properly after each update is run. This allows you to check for any problems that may be caused by the updated code conflicting with something on your site.
The most common problem that happens when a conflict arises is the famous “WordPress White Screen of Death”. This is caused by database errors or PHP errors, which in turn are caused by a bad theme or plugin.
There is an article here that will guide you through the process for fixing this.
Get an SSL certificate
An SSL Certificate increases the security of your site and makes it harder for third parties to intercept information between your site and your customers. There are a number of other benefits to be had with having an SSL certificate, such as improved google rankings and greater customer confidence.
You can find out more about SSL certificates here.
You can also get in touch with us here to discuss your requirements.