How to Secure WordPress

Why Secure WordPress

WordPress is a robust website platform, used by millions throughout the world. It’s my favourite platform for building my own and clients websites, but because of its popularity it’s a prime target for hackers and malware.

Luckily for us there are a few good ways to secure a WordPress install and keep the hackers and malware at bay.


How to Secure WordPress

Tip 1 – Manual installation of WordPress

First thing we want to do involves the installation of WordPress, there are many web hosting companies offering quick install packages of WordPress. I strongly advise against using these packages, they often install an out of date version of WordPress, leaving you venerable to security breaches.

Your much better off and safer installing WordPress manually. I’m not going to get into that here, but you’ll find a great how to on the official WordPress site – How to manually install WordPress. Make sure to change the security keys when you’re editing the wp-config.php file, you’ll find instructions for that here – Change the Security Keys in wp-config.php.

Once you are done give yourself a pat on the back, your now running the most up to date and securest version of WordPress.

Tip 2 – Create a Back-Up & Recovery System

Next thing with any new site, is sorting out a back up and recovery system. Even the securest of websites can still be hacked, it’s less likely but can happen. I’d much rather be prepared than have to deal with the aftermath of an attack or infection.

There are a number of WordPress plugins that will do a comprehensive back up of your WordPress files and database. I like to use Codeguard.

Codeguard will automatically create a daily back up of your website and database, then monitor for any changes, if it finds something it will let you know via email. If the worst happens all you have to do is click the restore button and your site will be back up and running, malware free.

There are two options a free plan (you pay $25 if you need to download a recovery file) and a $10 per month plan, for most small business websites the free plan will be efficient, and effective.

Tip 3 – Setting Up Cloudflare For Security & Speed

Cloudflare is my secret weapon, it’s able to keep the bad traffic out and let the good in. Cloudflare works by routing all the traffic to your website through their “intelligent global network,” which is a type of Content Delivery Network, this in turn speeds up your website considerably, on average pages will load in half the time, making the browsing experience better for your visitors, add in the extra security, there optimiser and analytics and your on to a winner.

Cloudflare’s “intelligent global network” filters out as much of the bad traffic as possible, only allowing genuine visitors to your website, blocking spammers and hackers. Read more on how this works here – Cloudflare Security.

I’m sure your thinking how much to use a resource like this, but like Codeguard, Cloudflare have a free and paid plan, for all intents and purposes the free plan will be fine for most small business.

Both Codeguard and Cloudflare provide security badges that can be added to your website, this is something that’s well worth doing as it can deter hackers from considering attacking your site.

Tip 4 – Keep everything up to date

Last thing on my agenda, and perhaps the most important you can do with any WordPress install, is keep it up to date.

Patches and updates are released on a regular basis, to deal with security vulnerabilities, bug fixes and general WordPress upgrades. I cannot stress the importance of keeping you site up to date. Don’t delay installing these patches, do it the first time you see or hear about and update.

Like wise for any plug-ins you have installed, if they have an update, install it straight away.

Do you feel safer now?

That’s it for my 4 tips to a more secure WordPress installation, hopefully by now you’ll have a few ideas on how to secure WordPress.

I’d love to hear the steps you take to secure your WordPress, please let me know in the comments below. I’d also like to thank you for taking the time to read the first blog post on the Vertus Digital Blog, I hope you enjoyed it and would love to here any feedback below.

Speak Your Mind