5 tips to improve the security of your WordPress site

  1. Your username and password. We’re starting with an obvious one that is sometimes overlooked. Ensure your admin username and password for your Dashboard is secure. Don’t use the default “admin” or “siteadmin” username, use a combination of letters and numbers. You can use a display name in WordPress, so your blog comments will show that display name instead of your username. Take the same approach for your password, use a combination of letters, numbers and special characters. Don’t be the user that has “123456” as their password, that particular combination is one of the most commonly used passwords.
  2. Keep WordPress updated. See that little notification at the top of your Dashboard? “WordPress 4.X is available! Please update now.” Go ahead and update… right now. And every single time you seen an update available. This will make sure your WordPress software has all the appropiate security updates. If you’re not logging into WordPress often, then use a plugin like Wordfence which you can set-up to email you when an update is available.
  3. Keep your plugins updated. As well as keeping your WordPress software up-to-date, you’ll need to do the same for any plugins that you use on your website. If you go to the plugin section within WordPress, you’ll see if any of the plugins can be updated.
  4. Wordfence. We’ve mentioned Wordfence above to help you keep the WordPress software up-to-date. But it can also be used to help with security monitoring and malware scanning. You can turn on a feature that alerts you to any suspicious activity on your website, so it’ll automatically send you an email anytime there’s an attempted login. You can also run malware scans on your existing files, which is a good idea after installing a new plugin.
  5. Keep back-ups. It’s essential that you have a reliable back-up process in place in order to cover yourself when things go wrong. You’ll want to check with your web host to see if they have a back-up feature included as apart of your plan. Most have some sort of automated back-up system in place. If you don’t have a back-up feature with your web host, then there are a couple of options you can use via a WordPress plugin. Backup Buddy is one of the most popular options.