3 Simple Steps to Improve Your WordPress Website Security

Although none of us ever think hackers would possibly be interested in our little old website, the reality is that hackers actually target smaller websites because of the fact that they are usually the least secure. Considering the financial repercussions of having a business website compromised by viruses, malware or phishing kits, strengthening your website’s security should be at the top of your to-do list – particularly for small businesses who don’t have the resources to withstand the consequences of a corrupted website.

Fortunately, if you have a WordPress website, there are several simple and straightforward measures you can take to beef up your security. Below are our three top tips that you can use to make your site more secure—even if you’ve got zero technical know-how.

1. Never use admin as your username
You’d be surprised at how many administrators for WordPress sites stick with the default ‘admin’ username for the admin account.
This is the first username hackers will try when attempting to access your website, so by using ‘admin’, you’re already giving hackers half of your login details.
On a fresh WordPress install, run the plugin ‘Add multiple users‘ to create a random number of users and names.

Installing a the ‘Limit Login Attempts‘ plugin is also advisable, as this will protect you from the tens of thousands of hacker login attempts that are bombarding your website on a daily basis (that’s right—tens of thousands).

2. Strengthen your password
Make sure your password is made up of at least 8–12 characters; it should include a mix of upper case and lower case letters, as well as numbers and additional symbols like asterisks where possible. Don’t use one password for all of your online accounts, and avoid using standard words – hackers can use software that will instantly test your password against every word in Wikipedia, so try using password generator programs to ensure you have the strongest possible password for your WordPress site.
Need a strong password generator? You got it!

3. Clean up and update
To get the best possible security for your WordPress website, it’s critical that you always update to the latest version of WordPress. All of your website’s plugins and themes must also be updated constantly so that your site isn’t vulnerable; when programs are updated, it’s often because they have addressed bugs or security holes in the outdated versions.

If there are any old or outdated plugins, widgets or themes that you aren’t using, delete them – otherwise, it’s only a matter of time before they lead to a security breach.

Each of the above steps is simple and doable for WordPress administrators with even a basic level of technological knowledge. However, there’s much more that we can do to make your website fully secure against hackers. To find out more on how Point and Stare can lend its expertise to improve your WordPress website’s security, contact us today.

FURTHER READING