WordPress Security – Keep Your WordPress Site Safe

With great success comes threats and as WordPress has become the no.1 CMS on the planet it follows that there are bound to be more hackers trying to find vulnerabilities. That is why WordPress security is vital for your WordPress site – you wouldn’t leave your brick and mortar business unlocked and you shouldn’t leave your WordPress site exposed. Here are some of our top tips for WordPress security.

WordPress Security – Keep Your WordPress Site Safe

1) iThemes Plugin
The iThemes WordPress security plugin for WordPress is arguably the best security plugin currently available. It is crammed full of settings you can use to put up the defensive shields to repel any would be WordPress hackers. We’ve extensive experience with this plugin so get in touch if you’ve any issues with it.

2) Limit Login Attempts
Hackers generally only gain access to your site via brute force attacks (repeatedly trying to login using different username and password combinations) and so a power play move for WordPress security is to limit the number of login attempts an IP can make. This is a great and easy way of safe guarding your site.

3) Change Default Login Url
When you’re logging in to your WordPress site you probably login at a URL like yoursite.com/wp-login and that is the URL format that hackers will follow to try find your login panel. If you change the default login panel location you’ll make it more difficult for hackers to hack your site and will nudge your site down the path towards WordPress security nirvana.

4) Restrict logins to certain IP Addresses
Some clients require that their WordPress security is really nailed down tight and for clients like these we restict the IP addresses that are allowed to login. If there are multiple users who require logins with lots of different IPs (especially changing IPs) then this may not be the ideal option but for WordPress sites with just a few users in one location this can be very effective for WordPress security.

5) Take Regular Back Ups
This WordPress security task is often long fingered and not high on the priority list but it’s only when you need a back up that the value of taking regular back ups becomes apparent. By taking regular back ups you’ll have a fail safe should your WordPress security be jeopardised. Take full content and database back ups regularly to stay safe – or ask us to get a back up policy in place for you, it’s what we do :)

WordPress Security – Keep Your WordPress Site Safe

With WordPress security in place the key thing to remember is to never panic when the worst comes to pass. By keeping your head, when all around you may be losing theirs, you’ll be able to focus on the WordPress recovery task at hand. Most hosts provide a roll back service which can be a good way to recover your site. If you’ve been taking regular back ups you’ll be able to rebuild your site which is what WordPress security is all about – being able to recover when the worst happens and minimising down time.

We’ve had the pleasure of recovering lots of sites from lots of hack jobs so if you’re in a bit of a bind get in touch with us and we’ll sort you out.

About the author: Niall Flynn
WordPress Developer, Wrangler, SEO and Web Developer. follow @niall_flynn. I blog primarily on technical SEO applied via WordPress.

Leave a Comment