If you frequent this blog often you’ll know that we love WordPress. I recommend it for almost every web development project that we undertake. The features and customization with WordPress is bountiful. However, there is one major drawback to WordPress: security.
Let me first address why WordPress is vulnerable to security threats. It’s open source software. All WordPress websites rely on unique themes and plugins to work, and these, like any software, need to be updated over time to address flaws or bugs (or to simply improve). Outdated versions of WordPress and outdated plugins are susceptible to being hacked.
A recent study revealed that 40,000 of the top 1 million Alexa websites were using WordPress, and among those, 73% were vulnerable to hacker attacks! It’s important to note it’s not on your web host to secure your website and prevent hacks. They’re simply a medium for keeping your website live. If you have a reliable web host they’ll be able to restore a backup of your website in case it’s hacked, but that doesn’t solve the problem.
The good news is that there’s many ways that you can protect your website (and keep your web host happy). Here are a few tips for securing your WordPress website:
- Always utilize the most up-to-date version of WordPress
- Always keep you plugins and themes updated
- Delete old plugins and themes
- Make sure each user has a strong password (and delete old users)
- Back up your website daily (more of a security blanket just in case)
- Customized, daily malware scans
- Lockdown lockdown functionality
- Permission sweeps & encoding filters
- SQL injections & plugin monitoring
Numbers 1 through 5 are things you could potentially do on your own, or with the help of your web host. Numbers 6 through 9 help to secure and protect your WordPress site even more.
For these types of services (numbers 6-9) you typically need to invest more money on a monthly basis, above and beyond what you’re paying your web host. However, with TRBO you get these extra security features included in our monthly hosting.
If you’d like to learn more about how you can protect your WordPress website then leave TRBO a message here, or call 877-673-7096 x2.
