WordPress Security – Is Your WordPress Website Secure?

Note: You can find an updated and more detailed post on WordPress website security here

Over the past week, there has been many major sources confirming mass brute force attacks targeting WordPress and Joomla websites.

What Does This Mean?  Basically, it means that there is a large amount of hackers repeatedly trying different passwords to access a website.   So you need to ensure that your website is protected to limit its vulnerability.

Here are my suggestions to ensure your website is protected as much as possible.

1. • Version – Regularly check to make sure you are running your website on the most up to date version of WordPress.  Each update usually includes important security upgrades.  Just log in to your dashboard and if there is an update available you will see a message at the top of your page.  Remember to perform a backup prior to starting the update.

1. • Username – Ensure your username is NOT admin or something similar.  If you are using admin as your username, I would highly recommend you change this immediately.  This is a common username that the hackers are using to try and gain access to WordPress websites.  Click here to find out how to change your WordPress Username.

1. • Password – Use a very strong password and make sure it is unique and not used for any other login passwords you use on the internet.  A strong password should contain a mixture of uppercase and lowercase letters, symbols and numbers.

1. • Security – Use a plugin such as Better WP Security or Wordfence to further enhance the security of your website.  Sucuri is another fabulous option which also includes an automatic monitoring feature which will notify you if suspicious activity is detected.

1. • BackUp – Ensure you carry out regular backups of your website.  If the worst does happen, at least you will have a backup to restore back to.  Just one thing to remember with backups – there are backups that just backup your files or there are complete backups which will backup your entire site including your design.  If you have to start from scratch you don’t want to have to hire a designer to re-design your site for you so ensure you have a complete backup.  I highly recommend BackUp Buddy.  With BackUp Buddy you can choose to have a complete backup plus you can schedule your backups so you don’t have to remember to do them.  Once you have performed a backup ensure that the file is downloaded to your computer or to a storage option such as Dropbox.  Don’t rely on your hosting provider to backup your website – you want to be in complete control and hold the file so that you are confident that an up to date backup is always available.  If you have your WordPress website designed by us, we automatically install and customise BackUp Buddy for you.

Don’t put this off.  Ensure you keep your website as secure as possible and implement these measures immediately.  This is a regular occurrence and you don’t want your website to be the next victim.

If you need any further help with any of these measures please get in touch with us so we can assist you.