How can you avoid being hacked?
WordPress is really great software and it’s typically very secure but there are some things you should do on a regular basis to avoid being hacked.
Update Passwords
- Update your passwords a few times per year to something more secure. 10 characters (or more) with upper & lower case letters, numbers and symbols.
- Don’t use the same password for everything. Make sure your website password is unique.
- Never use “admin” or “administrator” or anything common as your username.
Implement Security
- Configure a security plugin on your site and monitor all alerts. (I recommend Wordfence).
- Consider purchasing additional security for example see Seccuri. Your hosting providor may suggest optional similar services.
Update software
- Update WordPress, themes and plugins as soon as updates become available. Check at least once per month for updates.
- Delete any unused plugins.
- Backup your website before and after you make any major changes and keep a copy separate from your web server.
- Test your website after updates to be sure everything is functioning properly. Restore your backup if an update breaks your website.
Get Help
- If you are not technically savvy, or if you have other priorities, it may be beneficial to hire someone to manage your website. Most of the tasks mentioned here can be handled by a professional once per month for a small fee.
