Securing WordPress

Securing WordPress is not something new. We have helped many clients protect their WordPress sites over the years and we wanted to share some of our best tips with you.

What We Recommend

Migrate to a managed WordPress host like Flywheel. Their hosting features include daily backups and ongoing security scans.

Update your account

• Remove any unfamiliar admin users.
• Turn off user registration unless you are running a member site.
• Keep all your WP, themes, and plugins updated.
• Delete any themes and plugins that are not being used.
• Change your WordPress password

Websites you can use to generate a password

• Bits from Bytes Password Generator
• Cloudwards Password Generator
• Setup a Strong Password

Recommended steps to protect you

You can use CloudFlare to improve site performance and security. This is a third party service that provides caching and security.

Securing WordPress is a necessary step. We will take a look at plugins that can help you with securing WordPress.

If you are using a WordPress managed host, then you may not need these plugins. Be sure to check with your host before installing.

Backup

The following plugins will backup your WordPress website to an offsite location.

• BlogVault
• VaultPress
• CodeGuard

Security

Installing a security plugin onto WordPress does help limit attacks.

• WordFence
• iThemes Security
• Brute Protect

Spam Protection

Nobody likes Spam comments and sometimes malicious attacks are sent through comments.

• Akistmet

Limit Logins Attempts

The WordPress login is one area that often receives attacks. These are plugins that can help protect you. 

• Limit Logins Attempt
• WordFence
• iThemes Security

Check the Google’s Safe Browsing Diagnostic: http://www.google.com/safebrowsing/diagnostic?site=YOURDOMAIN.COM/

Asking For Help

If you need additional support be sure to check out our Website Support.