How to Secure Wordpress from Hackers

Using WordPress to design your website is great because it gives us small business owners flexibility to update it easily without hiring a coder or web developer. But it is vulnerable to attacks. So, what can you do to secure WordPress from hackers? Here are six ways on how to secure WordPress from hackers.

Keep Several Backups

Your hosting company usually keeps some backups for you. But what happens if the stars align perfectly and you happen to lose your site (guilty) and don’t have a backup? You can lose everything. And yes, as hard as it is for me to admit, I lost my site once when those beautiful stars aligned perfectly and never recovered 100 pages - but that is another story and it won't ever happen again. So don't just rely on your hosting company for your website backups.

You can run your own backups with Duplicator, but it is somewhat technical although it has great reviews. VaultPress for business costs between $99/year and $299 and you've got 30 days of backups. You must go into your backup and download it to your computer on many of the options. There are other plugins as well that you can use to backup.

Have your hosting company run a backup for you and keep it on your computer and on your own backup system. If you host your site on SiteGround (they’ve been great so far), purchase or upgrade to their Grow Big package and you’ll have 30 days of archived backups. GoDaddy also has 30 days of backups for WordPress installations, although I don't use them for hosting WordPress.

Oh and before you make any changes to your WordPress website's backend, make sure you do what? Backup!

Don’t Use Admin for Your Username

Oh my gosh, I've seen this so many times: many web developers or do-it-yourselfers use admin. Make your username difficult and NEVER, ever use admin. Use a random password generator like Random.org., Norton. or LastPass. Use a combination of numbers, symbols and capitalization and make it longer. Same goes for your password. Make them difficult.

Check All Plugins Before Installing

You may know about the WordPress plugin vulnerabilities in 2015 that opened up websites to being hacked. Be cautious when installing plugins for your WordPress website - check them out. Use the WordPress plugin search to find out information and ratings.

And checking them out doesn’t guarantee that they won’t eventually be open to vulnerability, but it does help. In 2015 even one of my favorite and highly regarded plugins - Yoast SEO had some problems. But they immediately addressed them and created a patch. But I’ve even purchased plugins where the developer does not update them and eventually I’ve had to delete them.

Oh and note that plugins may slow your site down.

Update Your WordPress Version

WordPress releases new versions and you should be updating yours. You’ll be notified when you are logged into your admin panel or by your hosting company. Make sure you backup your site before you update. I’ve also run into problems with some sites that I’ve taken over from other web developers. I quit updating one of my customer’s website because we had to change so much of the coding after each WordPress version update as the site wasn’t coded properly to begin with. So, I’m in the process of creating a new WordPress site for them. What a shame because they paid a fortune for it and while we didn't update, they were open to being hacked.

Change Database Prefix

Your database stores your posts, pages and media files and is vulnerable to being hacked. You should change this when installing your website or before you publish. Here’s a step-by-step tutorial and video from WPBeginner on how to change your database prefix. It’s technical, so contact Kick A or have your web developer do this.

And Finally

There are additional things you can do including securing the .httaccess, adding a login lockdown , adding SiteLock, Sucuri or Wordfence. And yes, Kick A can help you secure your site.

How have you secured your site? What have you found that works? Have you had any problems with WordPress security? How have you secured your WordPress from hackers? Comment below please! Oh and sign up for a free website review at Kick A Marketing.

Connect with Jo at KickAMarketing.com.

Jo Guerra with Kick A Marketing is a WordPress web designer, certified SEO specialist, does rock star marketing consulting and writes copy that doesn’t suck-the-life out of prospects. She works with young-at-heart female prime time entrepreneurs. Her kickboxing name is JoJoStar.

The original blog post was published at https://kickamarketing.com/wordpress/how-to-secure-wordpress-from-hackers/