8 ways to secure your WordPress website

8 ways to secure your WordPress website

WordPress is a great platform for businesses, personal blogs and hobbies to show off what they do and how they do it. Sadly though, hackers like to do the same thing, but not so positively.

Rather than focus on the psychology or reasons behind a hacker, this week we wanted to share 8 ways to secure your WordPress website.

No website can ever be 100% safe. If you get a company making such a promise, they are either clueless or deceiving you. Hint: check out their “terms of service” as you will find they can never make guarantees.

So just like the software out there, this post is a suggestion only.

8 ways to secure your WordPress website

1. Avoid using “admin” as your username

The most common default username for WordPress is “admin”. If you leave your site with this, you’re asking for it. Moreover, consider a password more than 20 characters. Avoid using full words by adding random characters in e.g. instead of “flowperformance67890”, try something like “Flo708pfeManC!e16f. ”

2. Update your plugins, themes, and installs

Self-hosted WordPress websites get access to a wide range of applications. Regularly developers create updates to fix previous flaws or changes in the items they have created. Make sure you update your site on a continual basis. If you don’t have time, consider asking your web host to update them for you.

3. Secure your WordPress website, by protecting your equipment

There’s nothing worse than getting a virus on your computer and inserting a file into your site that contains malware or malicious content. To avoid this look at installing anti-virus software on the equipment you use. Some high rated providers include Avast, Norton Security (mostly for PC) and ClamXav malware scan for mac. You may also like to consider using a Virtual Private Network (VPN) for your internet usage.

4. Install Cloudflare or Sucuri

Cloudflare and Sucuri have a free and paid version. The free version is useful for those who can’t afford to pay for web security. The software helps protect your site from comment spam, excessive bot crawling, SQL injections and denial of service attacks. In addition, most sites see their web page speed increase by using Cloudflare or Sucuri content delivery network and speed optimiser tools. The paid versions offer more solutions. Sucuri premium options come built in with some of our green web hosting plans Grow and Achieve for those businesses who want to help secure their site and block unwanted guests.

5. Install malware scanning

Set-up a malware scan plugin to check your site for any infections. Malware is becoming common with websites. If your site is found to contain malware, browsers such as Google Chrome or anti-virus providers used by your visitors will be given a warning before accessing your site. In many cases, the warning will prevent access to the site and the user will never return again. Some great malware scanners include ithemes and Sucuri.

6. Make your WordPress site less obvious

Remove footers that contain text like “this site is powered by WordPress.” If a hacker finds it harder to see which platform you are on, they will have a difficult time trying to get into your site, compared to one that is less obvious. They may also choose the most obvious site over the harder one, given its ability to access.

7. Change your author name

If you blog and your author name are available on your website, ensure you change this to display as something else rather than your WordPress username. You can do this by going to users > your profile > display publicly as and select the name other than your username.

8. Back up your site

Make sure you back up your WordPress in case the unexpected does happen. Back-ups are great at restoring your site quickly from attacks or when you make an error on your site. Remember, to always have more than one option when it comes to back-ups, as problems can and do happen. For example ensure you have daily back-ups with your web hosting provider, computer/devices and your own solution. Imagine the situation of losing all your website or content overnight and not being able to get it back. Believe it or not, it has happened to many businesses, and it’s best to be safe than sorry especially when it comes to all your hard work and efforts.

Why should I care about website security?

WordPress sites are used by more than 30% of websites today. Around 30,000 sites are hacked each and every day and new vulnerabilities are discovered. That’s not to say WordPress is unsafe as its an open content management system (CMS), and no website is 100% safe. Just remember to be alert and to take steps to minimise the risks.

The cost and loss of business from an attack can be a fortune. So be safe rather than sorry and work to secure your WordPress.

Secure your website with premium security solutions

If you are looking to secure your website and take the hassle out of updates, explore our green web hosting plans. Our Grow and Achieve plans include premium security software that provides you with extra assurance and peace of mind when it comes to your website and content.


More inspiration

Good for the environment

Want to reduce your small business carbon footprint further?

To inspire your business to do better for the planet, we’ve prepared this detailed eBook with 30 tips.

We’ll send you more wisdom and news monthly which you can opt-out of at any time.