Security is a hassle, there’s no way around it. Taking off your shoes at the airport, locking your doors, having your bags checked before you enter stadiums- it’s all a big pain. But in the end, we know it’s worth the effort. Website security can be the same way. It takes some extra effort, but in the long run, it’s worth it. Most people don’t realize that they need security until after they’ve been hacked. It is a lot cheaper and easier to protect your site before that happens.
WordPress now runs 23% off all the world’s websites according to w3techs.com. That makes it worth hackers’ time to target. While WordPress core is secure, most websites use plugins, 3rd party themes, and custom code enhancements. These are not negative things, they just mean more openings for hackers to attack. You may not even realize that your website is being targeted because most times hackers are not successful in gaining entrance to your website.
I have a lot of customers who assume since their site is small, or because they don’t have any personal enemies, that their site is safe. That’s not at all true. Hackers don’t care who you are or the size of your site. Many simply want to connect a huge network of websites to send out their spam and host their files. They are writing computer programs to crawl the internet looking for WordPress websites with insecure code. They don’t care who you are or what your website is about.
But website security isn’t really that tough. There are two easy things you can do to make your website MUCH more secure.
- Use a strong password – with password managers like LastPass, there’s no reason not too choose a tough password – and one that is different from your other passwords. Not using the username “admin” is also a good idea.
- Keep WordPress and your themes and plugins up to date– updates are usually just one click and rarely cause problems anymore. Remember to always have a backup just in case something goes wrong.
If you’re looking for another layer of security, I recommend a couple plugins like iThemes Security and Captcha. Both are free plugins. Captcha takes just a few minutes to configure. iThemes takes a little longer, but adds quite a few security features that will make your website much harder to break into. If you don’t want to set these up yourself, I can set them up for you. Get more information here: Hire Me. If you do set up iThemes on your own, be sure to have ftp/cpanel access to your site -just in case the plugin locks you out by accident.
Extra credit: Read more WordPress Security Tips.