How To Secure Your WordPress Site
How To Secure Your WordPress Site in 7 easy steps. Must have tips to stop hackers gaining entry to your site and keep all your data secure.
How To Secure Your WordPress Site Video Tutorial
7 Important Steps To Secure Your WordPress Site
Step 1 SSL Certificate
Having a valid SSL certificate on your site protects you a huge amount. It makes sure that data passed between two servers or web browsers stays secure by using a encryption link.
This means you can fill in forms, complete payments and so on with out the fear of people being able to steal your data.
To do this on SeekaHost simply head to your client area from the main site. Sign in and select the site you want to add SSL on by tapping the blue action button.
On the right hand side of the screen you will see an option of SSL as in the picture below.
Now click on there and switch the SSL on, you might get a message saying your that its unbale too due to name servers or propagation. To solve this you need to make sure your name servers from your current server hosting have been added to your domain name servers.
Visit and login to the site that you purchased your domain from. Login, and go to change name servers. Change it to custom name servers and then copy and paste name server 1 from your current host to your domain name servers.
Repeat the process for name server 2 as well. Now just save the settings, come back to your site and click SSL again and it will work.
Step 2 User Name
Dont set up and leave your user name as Admin. Many people make this mistake and it makes it much less work for someone to hack in to your acount. Using a hard to guess user name with letters and numbers will make it much harder for an attacker to gain access. If you user name is admin and they guess it then they have got half way to gaining entry to your acount already.
Step 3 Keeping Up To Date
Keep your WordPress site up to date. You can check this by clicking the updates option on the left hand side of your dashboard. Not only this but keep your Plugins and Themes up to date or delete them if you arent using them.
The reason for this is due to security breaches on plugins, WordPress ect and they will release updates to fix them breaches. So by staying up to date you are making sure to have the most current safety features installed on your site and plugins.
Step 4 Download From Known Sources
Do not download from shady sites, from plugins to themes there are many sites that offer free services. How ever what you dont see is the potential virus threat in downloading and running these on your pc or site.
The WordPress site has many free themes and most of the best plugins already free to use. Dont be tempted with sites claiming to offer premium plugins for free also. Stealing your data can be worth a lot to these people so they will try to gain access to your files in many different ways.
Step 5 Using Strong Passwords
As I’m sure you are aware, creating a strong password will infact keep a majority of attackers unable to access your site. Although you may think that your normal password with a few symbols might be ok. I cant assure you that a program running thousands of passwords through your site every 5 minutes will inevitably guess that. Compared to a password like 3h4j3j6873hdh!!dkm% where even with a program running hundreds or thousands of variations would struggle to find.
Save this somewhere either by writing it down or potentially storing it on another device thats not connected to the same network. Preferably a USB stick that that you dont keep connected to your main PC.
Step 6 Keeping Your PC Secure
Keeping your own PC secure is a huge part of keeping your site safe. If your computer is compromised by attackers, they can steal valuable data install ransomware and many other things you dont want.
Make sure your have a anti virus program installed, if you have windows the windows defender will do just fine also. Make sure to keep them up to date an also run frequent virus checks.
Another major one is watch what you download. Like ive mentioned in previous occasions if something looks to good to be true, then it is.
Step 7 Security Plugins
Adding a good security plugin will help in many ways. As in the video I suggest iThemes Security.
You can easily set up a good general protection for most aspects of your site in a few clicks. It also includes a large amount of option extra features that you can configure.
3 That i suggest changing are:
- Enable Security Check and secure site.
- Hide Backend and change your login url so its not /wp-admin.
- Local Brute Force Protection and decrease max login attempts by user.
Bonus Step To Secure Your WordPress Site
Create back ups often. Use a back up plugin or get one via your SeekaHost client area. This ensures that even if the worst happens and your site gets attacked. You will still be able to upload your site back up in full health and keep peoples data secure.
Now that you have completed all these steps you can rest easier knowing that you have secured your site well. Yours and your users data is been kept safe and you can carry on building your site with peace of mind.
Thanks for reading this article and happy WordPressing!