One of the most irritating aspects of any WordPress website is sooner or later you WILL be hacked. Unfortunately, the bigger your website gets the more of a target you become. This threat becomes very serious once your website is established and generates ongoing revenue for your business.
Luckily preventing this problem is easier than you think, where 95% of all problems can be avoided with a few easy steps. Taking these precautions will save you a lot of time and heartache, along with possibly thousands of dollars down the road.
*Please note a few of these steps may need to be performed by your web developer or web hosting service.
Update your WordPress theme and plugins regularly
Updating your WordPress plugins makes sure the latest security patches and system requirements are up to date. This not only prevents security risks but also any glitches or errors with your website. It’s recommended you update outdated plugins as soon as possible after you’ve made a proper backup first.
Use reputable and well-reviewed plugins only
Just because you find a cool plugin on WordPress doesn’t mean it’s always a good idea to use it. Observe how many downloads the plugin has, what the review score is, and the date the plugin was last updated. Certain plugins may no longer work correctly and may cause conflicts with your website. Worse yes less then reputable plugins may try to install spam or other unwanted promotional material on your system.
Use HTTPS over HTTP
On July 24th 2018, Google started listing any website without the proper https:// extension as “not secure” or an unsafe website. HTTPS with a proper SSL certificate installed protects websites where personal contact data or credit card details are collected. Hackers prey on non-secure websites for spamming purposes or to access your personal banking information.
Install a WordPress security plugin
There are many WordPress security plugins available such as WordFence, Securi or iThemes Security. Free versions are available with the option to upgrade to the PRO version to unlock all features. Once installed the plugin will run an instant scan through your WordPress website to detect any viruses or threats. In most cases, the program will remove any corrupt files for you automatically.
Create regular backups for your website
No website is 100% impenetrable, even with the best security in place. You should back up your website early and often, especially after you’ve made any major changes or updates. Free programs available include All In One WordPress Migration, UpdraftPlus, and BackUpBuddy. Should your website crash or become infected you can restore your last saved version with one simple click. It’s recommended that you have your web developer perform a manual backup of your site as well.
Install anti-virus software on your main computer
Installing a proper security plugin on your website is critical but shouldn’t be your only line of defence. Should your main computer become infected, anything you upload to WordPress afterwards site may bring the virus with it. Make sure you’re using the proper anti-virus software with some of the most popular options being Bitdefender, Norton, and Kaspersky.
Avoid visiting questionable websites or opening suspicious emails
This should be a no brainer considering it’s still arguably the top cause of viruses and malware. If you’re visiting websites you probably shouldn’t expect to pay the price eventually. Same with opening emails that appear spammy or suspicious. The worst part is your computer often becomes infected without you realizing it, meaning it could easily spread and do more damage.
Use hard to decipher usernames and passwords
It’s tempting to use a simple username and password for your WordPress website since it’s easy to type and remember. Simple passwords however are one of the biggest possible invites you can offer to potential hackers. Pay attention to the security score of your password before locking it in with a score of 100% if possible. That means using a combination of uppercase and lowercase letters, capital letters and characters (@*#&%$) for the safest results.
Use A Quality Website Host
Sadly not all hosting providers are created equal, with the lower quality options often posing a greater risk. Although you may want to save a few dollars monthly on the cheapest option you get what you pay for. A low-quality host is not only a bigger security threat but negatively affects your website performance. Websites with poor hosts usually have longer load times, go down more often and hurt your SEO ranking.
Taking these steps will ensure your website is protected from viruses and hackers throughout 2019 and beyond. If you have any questions leave us a comment or send us a message at firstname.lastname@example.org