Hello everyone, this is Kevin with Ballen Brands and today I’m going to discuss the 5 most important steps you can take to help keep your WordPress website safe and secure.
1. Use Strong Passwords
According to Wikipedia, here is a list of the top 20 most common passwords from 2017.
If you’re using a password that’s even remotely close to any of these, you should change them as soon as possible. The strongest passwords are those that have a random assortment of upper and lower case letters, numbers, and special characters.
2. Update Themes and Plugins
Outdated themes and plugins may have security vulnerabilities that put your website at risk. Check your themes and plugins on a regular basis and update them when updates are available.
If you use free plugins from the WordPress.org repository, it’s a good idea to occasionally check to make sure those plugins have not been removed. Sometimes a plugin is removed from the repository because of security risks, so if you find that one of your plugins is no longer available, or if the developer of the plugin has stopped releasing updates, it may be best to remove that plugin from your website and use an alternative.
3. Delete Unused Themes and Plugins
If a theme or plugin contains a security vulnerability, your website could still be at risk even if the theme or plugin is inactive, so it’s a good idea to delete items that are no longer in use.
4. Limit Login Attempts
One of the most common methods that hackers use to gain access to your website is through a brute force attack. This is where a hacker uses automated software to repeatedly guess your login credentials, over and over, until it guesses correctly. By using a plugin that limits login attempts, incorrect logins will be blocked from repeated attempts.
Ballen Brands offers managed WordPress hosting, which automatically has a Limit Logins plugin activated. You can view the settings for this plugin by going to Settings > Limit Login Attempts.
5. Backup Your Website on a Recurring Schedule
Keeping backups of your website files and database are an important step for website security so that if your website does become compromised, you can restore it to a previous version without losing all of your data.
Ballen Brands managed WordPress hosting includes scheduled website backups every day, and the backups are stored for 30 days. If you’re using an unmanaged web hosting service that doesn’t offer automatic backups, you can use a plugin such as Updraft Plus to schedule backups yourself.
For more great videos and tutorials, please subscribe to our YouTube channel. If you found this video helpful, please give it a thumbs up and we’ll see you next time.