Tips on Making Your WordPress Site Secure


Jul 08, 2011


This week’s question comes from Megan P., an online blogger and marketer located in the state of Michigan. She asks:

“I setup my own website using wordpress. Should I be worried about the security of the website?”

Are you using WordPress as your go to service for blogging? If so, you are not alone. However safe it may seem, there are countless incidents in which people are losing their blogs because of mistakes, hacks or simply because they failed to upgrade. It is then that a thief got in and stole information. If you have a blog, it is up to you to ensure it is working at its best possible level, and that does mean using it with security features to protect you and your visitors.

Keep this in mind. If you take a few steps now you can protect your blog and improve your security. If you do not, you could spend countless sleepless nights, and money, getting it back on track. It is far harder to clean up a hacked blog than it is simply to prevent these hacks in the beginning. There are a few things you need to do.

Upgrade to the Latest Version

The first thing to do is the one thing many bloggers do not do often enough with their WordPress blog. They do not upgrade. Upgrading is not just a way for the site to get their new features out there, though this is what it often seems like. Often times, there are patches that will take care of holes in the system that allow hackers to get in and steal your information. If you upgrade, you get those holes patched so that your visitors remain safe.

Other Things to Do

There are other ways to protect your WordPress blog as well. These security measures are important, too.

  1. Use encryption throughout your system. It is especially important to do this for your login information since that is the easiest “way in” for a hacker.
  2. Use the strongest password you can. Instead of trying to create something easy to remember, create something hard to duplicate. Try using a mixture of numbers and digits, as well as special characters and upper and lower case combinations to get the password in place. And, be sure to change it often.
  3. Get rid of the wp-admin folder. This is likely the place all of your important information is stored. You do not want to just give that information away but need to protected it. Put a password on it to protect it, in fact.
  4. Avoid making it easy for those would be hackers to know which version of the blogging software you are using. You can remove this information from the meta tag (it is there even if you did not put it there in some versions.)
  5. Use the login lockdown plug in. This will prevent a brute force attack style hack on your system. This way, if someone tries to log in and fails a certain number of times, it will disable the login function until you reset it.
  6. Back up your WordPress database. In case something does happen, you want to be sure you have access to the information you need. Even if your site is secure, having this can help to protect you in the end.

Keeping your WordPress site secure is not an option. It is necessary if you plan to prevent others from stealing your information or destroying your site. Run security scans on it. Update your system whenever possible. These things make preventing an attack possible.

Dotcomweavers are a team of professional web designers located in Paramus, New Jersey. We are committed to helping small and medium businesses find growth online. ASK DCW is your chance to ask questions, seek advice and get the knowledge you need to make your business successful in the online marketplace. Connect with us on Twitter (@dotcomweavers) or Facebook.

Real Time Web Analytics
احجزاستشارتك المجانية معنا@Booth #540 @IRCE في شيكاغو