Keeping Your WordPress Website Secure

As the new year begins, it’s a good time to review some important information for WordPress website owners. Updating and back-ups are important keys to keeping your website safe and preventing costly downtime.

Minimize Hacking Options

Outdated versions of WordPress and plugins are a leading source of hacked websites. WordPress developers are constantly updating site files. As long as you keep your WordPress version and plugins up-to-date, you can minimize the chances that your site will be hacked and flagged on Google as carrying malware.

Turn off Auto Updates

We recommend disabling the WordPress auto update feature and manually updating your WordPress website frequently for two reasons.

  1. It was recently revealed that the WordPress auto-updater could be used to send malware to your Web site.
  2. Updates are known to infrequently break WordPress Web sites due to incompatibility between versions and plugins. A manual update allows us to check the site during the update process and roll-back any trouble spots.

Move Your Default Login Page

Hackers like to use a brute-force attack against WordPress Websites. Since all WordPress sites use the same administration panel, the hackers know what page to hit. They’ll program a robot to send random logins until they’ve discovered the login combination. The default login screen can be changed to a custom url to make it more difficult for the hackers to attempt to login.

Full Backup of Files and Database

When’s the last time you had a full backup of all the website files and images created? If you don’t remember, now is the best time to create that backup. Hiccups with web hosts happen. Files are lost.

If your website doesn’t have it already, we also recommend adding a WordPress database plugin and scheduling a weekly email backup of the database. With a full site backup of files and a recent database backup, we can rebuild your Website. Without them, we would have to start over.

Extra Line of Defense: Wordfence

If your website doesn’t have it already, Wordfence is a good first line of defense against hacking. Wordfence will monitor your files and email the administrator when those files don’t match the official versions. It’s a must have plugin for any WordPress website.

Consider taking some steps this month to ensure your site is healthy. If the thought of updating your WordPress website is too overwhelming, give us a call at Hoyden Creative Group and we would be happy to help.