You might have read about WordPress sites being a target for hackers. It’s not that something is lacking in WordPress, but since WordPress powers over 30% of all sites in the universe, it is attractive for hackers to run their automated programs and pick off the low hanging fruit, the sites that have security issues.
To keep your WordPress site safe and performing well, you need to do some regular housekeeping. Here’s a short-list of items that will help keep your site from danger. You’ve made an investment in time and money creating your website and if you don’t take care of the items below, it’s only a matter of time before you’ll find Payday loan links, or worse, popping up on your site:-(
- Don’t use ” admin” for your user name. A new WordPress typically comes with “admin” as the user name. If you don’t change it by getting your own user name and password, you’ve given spammers a 50% headstart on hacking into your site. So, check on the Users tab in your dashboard to make sure no one is using Admin as a user name. If they are you can change it by creating a new user with a different email address. And then delete the user that has Admin for a user name. Before WordPress deletes that user account you will get prompted to change the author of the existing posts and pages to the new user name. Do this and then delete.
- Use a strong password. WordPress will let you know when you are setting a password if it is secure. This is important to pay attention to. And please never use “password1234” or something equally obvious on your WordPress site or anywhere else!
- Backup your site files and database as often as you add new content. In other words, if you never add new content then your backup is good from the day the site was created. If you add new content every day, then you must back up every day or risk losing content if your site were to be compromised.
- Keep your WordPress versions, themes and plugins updated. Once your site is backed up, go to the dashboard admin bar and check the dropdown under Dashboard for any versions, themes or plugins that need updating. Go ahead and make the updates.
- Host your site with a managed WordPress hosting company. We recommend Pressable, WPEngine for stellar performance and safety. These web hosts only host WordPress sites. They optimize their technical configurations for specifically for WordPress websites. And, they closely monitor their sites and the plugins their clients use for any security issues and take care of them before they become a problem.
- Keep all WordPress sites on your hosting account updated. Check to see if you are hosting any other WordPress sites on sub-directories of your web hosting account. For example, you may have forgotten that you are hosting a relative’s website or a test site on your account. If this is the case, you must also keep these other sites updated or delete them. Any out of date site on your hosting account could be hacked and once the hacker gains access to your account, all sites on the account are vulnerable even if they are running current versions.
If you know yourself and know that you are not going to take care of this maintenance on an ongoing basis, New Tricks has a program for you. Check out our monthly hosting, maintenance, and support packages and let us do the heavy lifting for you.
Find Out More About New Tricks Hosting and Maintenance
A Word about Passwords in General
These days the bots that hammer at sites with their algorithms trying to break passwords know most of the tricks we use to try and make our passwords secure. It may be time for all of us to start using a password program such as LastPass.
LastPass has some interesting metrics on their site”
- 73% of people use the same password for multiple sites.
- There is an average of 6 characters in most passwords.
- It takes pros 3 minutes to crack the average password.
While LastPass does the job overall, I just got a new resource from a reader, Adam Roger.
Adam found a better tool for generating passwords, Safety Detectives. This tool creates passwords from regular words, making them easier to remember, for example, the word “benediction” will be b=nedicT10n. Give it a try!