• Get In Touch
September 10, 2012

10 Ways to Secure WordPress

Using Wordpress? Get our lightening fast Wordpress Optimised Hosting.
Get Wordpress Hosting

With WordPress being automatically installed on our WordPress Hosting packages, we though we should give you some important steps in how to secure WordPress.

Is WordPress Vulnerable?

There are a few factors that make WordPress vulnerable to attack, but the main reason it is vulnerable is due to its enormous popularity across the web.

Every day WordPress is installed hundreds of times and the differences in server environments is unfathomable. Here at FreshSites we manage that server software and keep it up to date with the latest security fixes, but the underlying code, including any plugin code can be liable to be hacked, due to its popularity.

You may wonder what hackers might do when they find a website that they can breach, and in reality they can do anything their imagination creates, but mainly:

  • Executing code
  • Creating hidden links to improve SEO
  • Redirecting visitors to other sites which have adverts on to make money
  • Installing a backdoor so if the hole is fixed they can still get in.

But its not just WordPress that suffer from vulnerabilities, all web software is targeted. The one good thing with WordPress is that its open source, so many many developers can find and fix security holes within seconds, release changes and WordPress lets you know there is an update.

10 Steps to Secure Your WordPress Site

  1. Keep your WordPress installation up to date, and make sure you install the new version as soon as the update manager offers it.
  2. Keep your plugins and themes updated in the same way, and if you deactivate any plugins, make sure you remove them.
  3. Never install themes and plguins from an untrusted source, read about a plugin and look for reviews.
  4. Create regular backups of your site, including your database.
  5. Create a new user and give them publisher status, then always use this account to post any news items, never put your admin account name on your blog
  6. Create a unique password for your account including uppercase, lowercase, numbers and symbols. There are many tools to help you do this including https://www.random.org/passwords/
  7. Install a login attempt limiting plugin, such as Limit Login Attempts
  8. Install WordPress File Monitor Plus, so you can be notified of any file changes on your site. This will help you discover any hacks done to files.
  9. Use Better WP Security plugin to lock down your WordPress Hosting.
  10. Make sure your Hosting company keeps server software up to date, like us!

These tips are just the tip of the iceberg when it comes to securing your WordPress installation. You have to remember there is no such thing as a 100% secure site, there is always something you can do.

One last thing, make sure your computer is virus, malware and spyware free – people can log your password when you type it in so its an important step to make.

What Tips Do You Have?

What have you done to secure WordPress? Had a security breach that lead you to any additional security steps? Let us know in the comments section!

Using Wordpress? Get our lightening fast Wordpress Optimised Hosting.
Get Wordpress Hosting

Share this Article!

Related Posts

5 Website Hosting Solution Trends for 2022 and Beyond

5 Website Hosting Solution Trends for 2022 and Beyond

Looking for the right web hosting solution for your website can be an intimidating task. Options nowadays are more diversified than ever, and each year brings new developments in the web hosting market. If you have no clue of what to look out for, you can find yourself overwhelmed with the choices. Hence, you must […]

64 Content Marketing Statistics Demonstrating the Power of Content

64 Content Marketing Statistics Demonstrating the Power of Content

Content marketing continues to be one of the most valuable tools for today’s online businesses. With content, you can improve your chances of reaching your target audience, boost your search engine standing, and even unlock new opportunities for sales. The more content you produce, the more you can strengthen your domain authority, demonstrate your thought […]

53 User Experience Stats for 2022

53 User Experience Stats for 2022

User Experience (UX) is one of the most crucial factors to consider in web design. As the number of websites and applications in the world today continues to accelerate, businesses are under more pressure than ever to impress customers straight away. If a user visits your website and finds slow-loading pages, clunky navigation, or errors, […]

How to increase the memory limit in WordPress

How to increase the memory limit in WordPress

Do you need to increase the memory limit in WordPress? Getting an error about memory Exhausted? The memory limit is one of the most common WordPress errors as the default limit of memory in WordPress is only set to 64mb! But there’s good news! The Memory Exhausted error is one of the easiest to fix […]

All in One WordPress Migration Vulnerability

All in One WordPress Migration Vulnerability

A vulnerability has been discovered in the “All In One WordPress Migration” WordPress plugin. All versions earlier than, and including 6.97 contain a vulnerability which allows Cross-Site Scripting (XSS). With over 2 million active installations, this vulnerability has the potential to be high impact, however, this is lessened by the nature of the vulnerability, which […]