How to Keep Your WordPress Site Secure

Posted on Apr 14 2014 by in Blog 

The internet is an amazing place, full of websites and connecting people from all over the world. With so many people spending a great deal of their time online, there is always the risk of hackers and malicious users attempting to gain access to a WordPress website. Whether you operate a business online or post to a personal blog, you can still become the victim of a targeted attack on your website. WordPress has become one of the most used methods for creating websites affordably and quickly. The more attention a blogging platform like WordPress gets, the more likely there are to be those that want to hack WordPress websites. If you use WordPress for creating your website, then make sure that you learn how to keep your WordPress site secure.


Maintain Strong Passwords

Above all else, you should always create a secure unique password. This applies to both your administrator account and any other users that have administrator privileges. Many hackers utilize software that will automatically go through and try to enter every word in the dictionary until they come across a word that works. The same is true of number sequences, such as dates, including birth dates. The best passwords are randomly generated and carry no significance at all. If you choose to not use a random password generator then at least try to follow the standard safety protocol of using a combination of letters and numbers.

Keep Everything Updated

There are so many different reasons for keeping your WordPress installation updated and security is definitely one of them. In fact, the majority of WordPress updates are related to security fixes. After the WordPress team has encountered security vulnerabilities in the current release of WordPress, they start working on security fixes, which result in updates to WordPress. In addition to keeping your installation of WordPress updated, go through and ensure your theme and all of your plugins are up to date as well.

Do Not Use the Admin Username

In the past, WordPress would create an administrator account during setup called admin. Despite the fact that you can now create a new username during the setup process, many people still choose to name their primary user admin. This is the first username that hackers will use when trying to log into your WordPress installation. If you are already using the admin username, then create a new user with administrator privileges and delete the admin user.

Keep Your Installation Clean

As mentioned, you need to keep everything updated; though, you also need to keep your WordPress installation clean. This means removing plugins that you no longer use and deleting files that no longer serve any purpose. After installing a new theme, be sure to go through and delete themes that you are no longer using. Another option is to use a plugin like Wordfence, that acts as a safeguard against threats for your site.  This can save you plenty of time if you are having problems, and also provide a secure option through the use of a plugin.

Finally, remember that no site is completely secure against hackers; however, by following some of these common sense tips, you can increase the difficulty of others being able to access your site. The more safety tips that you follow, the safer you will be, as a hacker will more than likely try to find a WordPress site with less protection.