We love WordPress, so much so that we’ve even developed a plugin for this CMS. However, WordPress isn’t without flaws. As I’ve said before, the biggest flaw with WordPress is its vulnerability to hacking.
So how do you secure you WordPress website? In this article I dive into some tips:
- Always utilize the most up-to-date version of WordPress
- Always keep you plugins and themes updated
- Delete old plugins and themes
- Back up your website daily (more of a security blanket just in case)
- Make sure each user has a strong password (and delete old users)
- Customized, daily malware scans
- Lockdown lockdown functionality
- Permission sweeps & encoding filters
- SQL injections & plugin monitoring
A solid hosting company can keep you WordPress site very secure. We recommend wpengine.com as they focus solely on hosting WordPress website. They essentially handle #1-4 noted above.
#5 above is the most preventable. For a complete list of passwords you should never use, check out this article.
#6-9 are a little more involved, so you’ll need a 3rd party security provider, such as sucuri.net. Is this service essential? At about $10/month it provides a nice peace of mind that your site is protected, so the more traffic you get and the more you invest in your digital presence the more it becomes important. With a cut-rate hosting provider Sucuri becomes more essential.
While web spam isn’t a threat to your security, it’s annoying, so it’s worth noting that you can guard against this by utilizing Askimet and Gravity forms.
WordPress really is one of the best CMS solutions for medical and aesthetic practices, but it’s open source. This makes it vulnerable to hacking. It also makes it vulnerable to “hacked together” themes, which can crash, but that’s an issue for another day (and one you’d need to address with your web developer).
If you have questions about WordPress or WordPress hosting, or you’d simply like to learn more about what we offer drop us a line here. You can also call us directly at 877-673-7096 x2.