This is an important, not fun and too important to skim over.
Fixing a site that has been hacked is nasty business. I have had to scour sites to clear them of code that was inserted in the pages to redirect the viewer to other sites. I’ve also worked with a client that has been the target of multiple hack attempts because he writes books with controversial subject matter. These things are large, time consuming headaches.
All sites have vulnerabilities. Because WordPress is the most popular content management tool in use, I’m addressing WordPress issues, but no matter how you build your site, you should educate yourself to security matters. When a site is hacked it can take many hours of work to fix and alleviate malicious files. Fortunately, many of these issues can be avoided with a little upfront work. These security precautions can take mere minutes to implement and will save you a lot of headaches and money down the road.
Update WordPress software
WordPress releases a new version of its software every few months. Many of these software updates address known security issues and improve overall site safety. Updating your software takes about 3 minutes.
Always keep your themes and plugins up to date
Good theme and plugin developers will occasionally release updates that add new features as well as address compatibility and security concerns. Install and update these as they are released.
Use hard-to-guess usernames and passwords
Only use strong passwords for your hosting, WordPress login, and FTP accounts. Passwords should include numbers, letters (lower and upper case) and special symbols. Don’t use your name or any part of your site’s name in your passwords, or ‘admin’ as a username.
Install security software
There are several WordPress products designed to limit login attempts, and alert you to security breaches. I like WordFence, but there are many great plugins out there.
Backup your site.
Keep multiple backups of your files. I like BackupBuddy. Your host company may also provide this service. In a worst case scenario, you can reinstall files without losing content.
There are a variety of other precautions you may want to take, depending upon your traffic, budget and other risk factors. Visit the WordPress codex for more.
I encourage you to take an hour this week and do a security checkup!
Like, it? Tweet it. Tweet this