Keeping WordPress Safe

If you thought that your website is not “important” enough to be hacked, think again! 
Hackers don’t discriminate and certainly don’t just target high profile companies.

WordPress is still our favourite Content Management System for Websites but with almost 30% of all websites using WordPress, it’s probably also one of the most targeted by hackers.

So, how do we keep our WordPress websites safe?

The Obvious

User names and passwords: when you first set up your WordPress website, you are given a whole lot of different user names and passwords – remember to change them. Most hackers use brute force software which uses trial and error methods to guess passwords, starting with the most obvious (“password”) – so try make your passwords complicated and include numbers, symbols and a mixture of upper and lowercase letters.

Ideally, you should also change the database name (and password) although this can be a little trickier to do as you will need to reconfigure a few WordPress files, but well worth the effort. Finally, change your ftp password with whoever hosts your website.

The Not-so-Obvious

There are plenty of plugins available that promise anything from Antivirus protection to monitoring (and blocking) just who is trying to access your website.

Some popular ones are WordFence, iSecure and Succuri and offer free and paid versions with advanced features. More details on various plugins can be found here.

Just like Antivirus on a computer, it is a personal choice and often a matter of trial and error to see which one strikes the best balance between protecting your site without slowing it down.

Some plugins offer Two-Factor-Authentication that stop anyone from trying to access the backend of your website without a code sent to your mobile phone first.


The Down-Right-Ridiculous

Renaming the WP-Admin folder or WordPress table prefix to a less obvious name – great in theory, but is likely to cause havoc with plugins and updates. 


Last but Not Least

Keep your WordPress up-to-date – including the Plugins to stop any known vulnerabilities. Remove any plugins you no longer need.

And most importantly – regularly back your site up and TEST the backup.


Need help securing your site?

Changing passwords and setting up security plugins can be a daunting task, so don’t hesitate to get in touch if you need help.




Have PC Harmony,
so you can concentrate on the more important things in life…