Are security concerns keeping you from enjoying the flexibility and power of WordPress? There are people out there that claim WordPress is “inherently unsecure”, which just isn’t true. Like everything else in this digital age, you just have to take some precautions to protect yourself and your systems.
The fact is, while WordPress sites do get hacked, they are no more dangerous than other php-based websites. The problem is that WordPress is open source, which means that anyone can read the code—even the bad guys who spend all their time looking for vulnerabilities they can exploit. Couple that with the enormous popularity of WordPress, and it’s easy to see why you hear about hacks on a regular basis.
But that doesn’t mean WordPress is unsafe. By implementing just a few security best practices, you can greatly reduce your risk of being hacked.
1. Keep Your Installation Up to Date
This is by far the biggest risk when it comes to security. New vulnerabilities are discovered in WordPress and its plugins and themes on a regular basis, and if your site is out of date, it is at risk. Hackers actively search for outdated websites they can attack, so make it a point to keep your site up to date. That includes plugins, themes, and the WordPress software itself.
WordPress is very good about letting you know in the Dashboard when updates to all elements are available. Don’t ignore those notifications.
2. Use Strong Passwords
After out-of-date installations, the next most common method when it comes to inviting hackers are weak admin passwords. Weak passwords are regularly exploited with a technique called a “brute force” attack. Simply put, a hacker sets a computer program to repeatedly attempt to log into your site using thousands of the most commonly used passwords and what are known as “dictionary” words.
This type of vulnerability can be easily avoided simply by choosing good passwords. Ideally, your passwords should:
- Be longer than 8 characters (the longer the better)
- Contain a mix of upper and lower case letters, numbers and symbols
- Ideally never be used for more than one site
- Never be stored in plain text on your computer or email
- Never be sent by email
Also, consider using a password manager such as LastPass or Dashlane to generate and securely store good, strong passwords. Programs like these help create and deploy secure passwords without worrying about remembering them, and you’ll greatly reduce your risk of being hacked.
3. Be Smart About Your Hosting
Unlimited domains! Unlimited space! Unlimited bandwidth! And all for pennies per month. You’ve probably seen these types of claims and may even have a hosting account with one of these companies. The hosting market is very competitive and constantly trying to one-up each other for our hosting dollars.
That being said, the usual problems with inexpensive shared hosting is that they tend to overload their servers with thousands of websites to make it cost effective for them. Just as close proximity in crowded classrooms allows human viruses to quickly spread, close proximity of websites on a shared server means one infected site is a risk to all the others. We’ve seen this happen time and time again.
Rather than looking for the least expensive (and riskiest) hosting option, choose a host that allows you to isolate each site on its own cPanel. Doing so will greatly improve the security of your website. As usual, we recommend Siteground and WPEngine for secure hosting at reasonable costs.
In the end, the safety and security of your site and its data is entirely up to you. Keep your software up to date, use good passwords, and choose a secure hosting environment, and you’ll be well ahead of the curve on your WordPress security.
You may also like:
- Free WordPress Checklists
Helpful tips, best practices on launching, promoting, securiting and maintaining your WordPress website.
- WordPress Training Videos
Our free WordPress Essentials library contains over 50 continuously updated, high quality, video user manuals for the WordPress system.
Was this post helpful? Take a minute to share it!
Get instant access to our free online library and toolbox full of helpful time-saving ebooks, printable checklists, royalty-free graphics, training videos, templates, shareable social media images, and much more! We’re pretty confident you’ll find something useful in there that will help you build your business online!