Website Security: an often overlooked factor when considering your new website. It is vitally important though! A compromised, or hacked, website can bring utter terror to your business, organization, or nonprofit. This article will give you a detailed game plan on how to avoid website hacks and what steps you should take to ensure your website is secure. Note: We build our websites almost exclusively through WordPress so these tips are specifically geared toward WordPress websites but may have some carry over to other platforms.
6 Very Simple Things You Can Do Right Now To Ensure Your Website Is Secure:
Keep WordPress And Your Themes (if any) Up To Date
It sounds so simple and obvious but you would be surprised how many hacks happen because the site manager does not update WordPress and the site’s framework. The process of updating is very simple. First you will want to back up your site. Then inside the WordPress dashboard click on the Updates Available banner and update your site. Having a website that is not updated opens the door to many hackers.
Choose Plugins Wisely And Keep Them Up To Date
Along the same lines as keeping WordPress up to date, you definitely want to keep your plugins up to date. Plugins are written in open source format and not all plugin authors are the best at keeping their products secure.
When installing a WordPress plugin check the compatibility of the plugin with the latest WordPress version that you have. Does it say it is compatible with your version of WordPress? Or is it Untested with your version of WordPress? If it is untested it may be vulnerable.
Another thing to check when deciding whether or not to download a plugin is how many downloads does it have. 10? It might not be as secure as 1,310 downloads. If a lot of people have downloaded it is more likely to be trustworthy.
One plugin we do suggest you download is Sucuri. Sucuri is one of the most trusted WordPress Website Security Companies and their pugin is an extension of the amazing services they offer.
Delete Any Plugins or Themes You Aren’t Using
If you aren’t using a plugin or theme you are less likely to keep up to date with them. Therefore, you are more likely to get attacked. Another reason to delete them is just pure numbers. The less you have the less opportunities you have to be compromised.
Do Not Use “Admin” As A Username
The most common username in WordPress is Admin. Hackers know that. If you use Admin as your username you have now made the hackers job 50% easier. Get creative. Think of something you can remember but not something a hacker would easily figure out.
Change Your Password and Often
Please, whatever you do, for the love of everything holy, do not use “password” as your password. Instead, what you should do is add multiple symbols and mix uppercase letters with lower case letters. Make it as difficult as possible to figure out.
Host Your Website On A Good Server
But how do you know it is a good hosting company? There are a few things you can check in on to ensure that your hosting company is good or not. Do they support the latest versions of PHP and MySQL? Is it optimized for WordPress? Does it have Malware Scans and Detections?
Choosing a hosting service based on price only is incredibly dangerous! There is a lot that goes into hosting your website. Sometimes you get what you pay for. If you pay for the cheapest service, your risk of compromise is high.
So as you can see, ensuring your WordPress website is secure starts with some very simple methods. There are more technical things you can do but if you start with these 6-Steps you will go a long way in ensuring your website is secure!