Being hacked is what every website owner dreads to even think about. However safe and secure you think your site might be, taking those extra steps to make sure your site remains up to date with the latest plugins and security features can go a long way to keeping those unwanted nasties out.
There are certain things to consider and actions that can be taken to help secure your website.
Information is passed over the internet from one computer to another. The encryption provided by an SSL Certificate makes the information private such as credit card numbers, user names and passwords. Computers beween you and the server can see that sensitive information if the site is not encrypted with an SSL certificate. Since the roll out of Chrome 68 by Google, all sites without an SSL certificate will be marked, ‘unsafe’.
The Strength of Your Password
The most vulnerable area of a website is the front door key. A password will allow people in due to the simplicity (easy for hackers to guess) or shut people out due the complexity of a password. Brute force attacks and guessing are commonly used to break and enter into a site. Make your password unique adding a combination and variation of upper case, lower case letters, numbers and symbols.
If you easily forget passwords think of something that has meaning to you and if you can’t think of anything WordPress has a password generator that gives out unique and secure passwords.
Use Name – Use Your Email
Using your email instead of a user name is easy to remember.
Consider using a two-factor authentication
in April 2013 WordPress introduced two-factor authentication for added security. There are many plugins available to help secure the login process. Make sure you keep your mobile phone handy and remember the email address you used to sign in with.
Do Regular WordPress Backups
Regular backups can help restore your site to a latest version should something go wrong with it. Having a Dropbox account or another external storage account for these is a good idea.
Keep your plugins up to date
Regularly updating your plugins at a 2 week interval will keep your site running smoothly. Note: Plugins which haven’t been updated by the creator for over six months may have become obsolete. They may have also been hacked so I recommend not downloading those while also making sure that the new plugins you download are also compatible with your version of WP.
Use a Security Plugin with a Firewall and Malware Detection Scanner
Securing your site in this way is the most important of all. A firewall protects against hackers and brute force attacks by protecting from vulnerabilities on your site.
Disable comments on your site for less spam.
There’s a plugin called just that, ‘Disable Comments.’ which I use on all my websites with the exception of my blog website.
By Sandra Ciminelli – ACT Websites