Site security is so important when it comes to your WordPress site. Whether it is a new site you have launched or an existing one you have had for years, protecting your work and content it imperative to minimise attacks and downtime in your business.
Here are 5 key steps you can take:
1. Ensure your admin username is NOT ‘admin’. As basic as this sounds you will be surprised the number of sites I see which still have this as their username. Not only is it not safe but it is a hackers paradise.
If this is you, create a new admin account immediately with a new username and password. Delete the old ‘admin’ account and transfer all the posts by ‘admin’ to the new user name.
Speaking of users – delete any users who no longer need to access your site.
2. Ensure you have a maximum strength password – again similar to the above, you don’t want to make it easy for people to access your account. Use something like strong password generator to create one for you.
3. Do regular backups and send the file to a remote destination e.g. Dropbox, Amazon S3. Looking for a good backup plugin – my go to is BackupBuddy all the way.
4. Deactivate and delete plugins you are not using and regularly update the ones you are.
5. Install additional security measures such as Wordfence and Login Lockdown to notify you of changes to your site and lock out people who attempt to access your site without the correct login credentials. Both of these plugins are free.
So how is your site doing on the security side?