Earlier today a client contacted Opuscule HQ with a question about WordPress security. With its popularity worldwide and structure of components, WordPress websites are inherently susceptible to hackers. Fortunately, there are multiple steps a website owner can take. Here are a few…
- Strong Passwords – make sure anyone with a login to your site has a super strong password, and remind them to change it regularly
- Updates – keep plugins, themes and the WordPress core updated as frequently as possible
- Audit Users – some of Opuscule’s clients have had their sites for years, added employees, and never bothered to remove those accounts after they were no longer needed
- Security Plugin – install a plugin like Wordfence. Beyond providing a scans of your site, it sets ‘wrong password attempt’ limits, timeouts, and so many other settings to help protect you
- User Roles – when creating new users, WordPress allows you set their permissions based on a defined role. Choose carefully, allowing access only where necessary
- Malware Monitoring – many hosting providers, including the one provided by Opuscule, provides this service for free
- Daily Site Backups – a number of hosting providers also include this, which allows you to revert back to a previously saved version should anything go awry
- Plugin Audit – use install counts, ratings and update frequency to help vet the plugins you use, and remove any which you are not using
- Comments – if allowing users to submit comments on what you share is part of the best user experience, do so diligently. There are plugins which help stop spam and others which bypass the default WordPress comment system altogether.
Many business owners don’t have the time to handle all these. Fortunately, Opuscule is here to help. Get in touch if you’d like us to check out your website and make sure you are following best practices. And if you’re looking for peace of mind, let Opuscule manage your WordPress site.