WordPress websites are great, looking fantastic and relatively easy to manage but because it is a platform and you store important information there a WordPress website can be hacked! Also, there are other things that can go wrong with your “all-singing and dancing site.” What would you do if you lost your content through lack of backups? I’m sure you would be heart-broken and demotivated to have to start all over again.
Here are some top tips on how you can take steps to avoid this happening to your WordPress website.
Better be safe than sorry
Your website needs to be secure and that isn’t too difficult, you will need to:
- Create a strong password
- Install a security plugin
- Install a backup plugin
1. Create a Strong Password
Firstly, P4$$w0rD is not a good password.
Cracking passwords is common and a major method of breaching WordPress websites so having a strong one is vital – check out our article on creating strong passwords.
Second, a good username is important.
“WordPress used to create a default username of “admin” and all you had to do was enter a password during the installation process. However, this was a gift to hackers intent on breaching your security. Knowing the vast majority of website owners would keep the default username the hacker only had to crack the password using dictionary/brute force hacking techniques.
A few years later, WordPress dropped this practice and now a self-chosen username is also required to replace the now defunct default “admin” one. Just don’t use “admin” as your username! And if there is an “admin” user on your system replace it with a different username” – Alex Kingsley, web support specialist at Octagon Technology
2. Install a security plugin
Alex our website support specialist recommends Wordfence. This is a security plugin which has a Web Application Firewall (WAF). It will protect your site from a variety of attacks.
Remember updates! They need to be implemented asap to avoid hackers implementing exploits. Fortunately, you can set up Wordfence to notify you when an update to a plugin or theme is required. Do your theme and plugin updates whenever Wordfence notifies you!
Updraftplus (see below) will take care of backing up themes and plugins before you carry out an update. This is vital in case an update causes a malfunction on your website.
3. Install a backup plugin
A backup is not a backup unless it is automated. We recommend the premium version of Updraftplus as it provides backup automation before the update is implemented.
“Remember to set up the plugin to backup your database, plugins, themes and uploads on a rolling 30 day period, and when it comes to updates the software will automatically backup your plugins and themes before you carry out the updates, saving you the hassle of manual backups.” – Alex Kingsley
Need help?
If you would like help in setting up and configuring any of these plugins please contact me on 01522 797520 and I will arrange for a member of the team to get in touch – we even have a fully-managed backup and updating service if you prefer.