Stop worrying about security and updates! White Glove Support

Additional menu

WordPress Consultant: Judith Kallos | At Your Service...

WordPress Consulting, Small Business Coaching & White Glove Support Services

You are here: Home / Helpful Tips / WordPress How To: 5 Simple Steps to Avoid Hacker Headaches

WordPress How To: 5 Simple Steps to Avoid Hacker Headaches

Authored by: JUDITH | Originally Published:
Last Updated:

Regardless of how your site is structured or coded, you need to be aware of and do certain things to make sure your site remains secure and is not a target of hackers. For WordPress, these steps are pretty simple and can, for the most part, be handled automatically or with little effort. The key is to get a system in place and follow it!

The primary reason sites get hacked is due to lax security and outdated software, themes and plugins. If you have a WordPress website, you now have the unavoidable responsibility to keep that site up to date. That’s just part of the gig. When WordPress updates — you update! When your them or plugins offer an update — you update!

Updating is not something that you have the luxury of ignoring. Don’t keep up and you may wake up one morning to a hacked or broken site.

Today I’ll share with you the basics that anyone who is not a techie can easily integrate to help protect their WordPress site/Blog.

5 Steps to a Secure WordPress Website

  1. Once your WordPress site is setup, setup a new account and then delete the default Admin account. Hackers look for that “admin” account to exploit.
  2. Make sure your WordPress Username is not your name. That’s the first guess those trying to access your system will make.
  3. Change your password to something wacky. Not your pet’s name, not your husband’s nickname, not your birth date — and for goodness sake not “password”. Include at least 8 characters, both upper and lower case and throw in some other characters for good measure. WordPress suggests difficult passwords (like this: vPh#[email protected]) for you to use on your User page under Account Management > New Password > Generate Password Button. As crazy as those passwords are — they work — use them! Do the same for your server/FTP password by creating a different password than what you use for your WordPress login.
  4. Install a Security Plugin. All In One WP Security & Firewall or Wordfence Security will help you to cover all the bases.
  5. Update, update, update! But back-up first! When you see that nag bar at the top of your screen, update WordPress and your plugins right then and there. Not sure how? I’ve got a post to help you backup and update WordPress as easy as 1,2,3!

One last thing… Who you use to host your site can make a huge difference too. Hosting companies that offer Managed WordPress Hosting are in a better position to secure their servers because they know WordPress’ vulnerabilities. Things like multiple, powerful firewalls between your data and threats and proactive detection and elimination of malware.
That’s why I trust WPEngine (<=AffLink) for all my sites.

You Will Cry Like a Baby if You are HackedI hear from panicked WordPressers after their sites have been hacked — no backups; no precautions taken. If you find yourself in this position and crying like a baby — you’ll have no one to blame but yourself because now you know better!

You can avoid this unpleasant experience by taking the 5 steps above. Go on — what are you waiting for?

At your service,
WordPress Consultant Judith

WPMuse Briefings

At the end of each month I create a useful Briefing filled with Posts, Tips, Resources & Inspiration. Delivered to your inbox!