- August 23, 2016
- Posted by: 1Solutions
- Category: wordpress development
Do you have a website which you have put up spending countless sleepless nights and gallons of coffee? Congratulations. But also beware. Even after all your efforts that have gone into designing and developing your website, there might be a key feature that you are missing out on. Security! Yes, that’s right. On an average, there are reports of 30000 websites being hacked everyday on WordPress. These people certainly would not have imagined that their sites would be hacked and so haven’t you. But it is time to burst the bubble. Hacking is a lot about probability and you would do well to minimise that chance that a hacker has of grabbing hold of your website. You do not want to see all your hard work and creativity go down the drain just because of a completely avoidable security lapse.
Just to prevent such a scenario here are some tips to beef up security for your WordPress blog:
1. A strong username and password. Obviously! No lethargy is acceptable here. Trying a different combination of the user’s name, date of birth and other personal information is how most hackers gain access into accounts. So avoiding use of such passwords is the foremost thing one should do to improve security. A combination of special characters, numbers, alphabets and capital letters should be used. Always.
2. Use security plug-ins: These provide another firewall through which the hackers will have to pass through in order to gain control of your website. There are some really great and secure plug-ins available like iThemes and Wordfence. Also, a two-step verification process need not make your life harder. There are various plug-ins which use ingenious features like using your mobile’s camera to make logging in easier and more secure for you. However, never compromise security for ease of access. Also make sure that the plug-in allows for a cap on the number of failed log-in attempts.
3. Obviously now that we are talking about downloading plug-ins, one has to make sure that the security plugins are secure in the first place. Apart from the WordPress repository, plug-ins can be found in a whole lot of other places (a simple Google search should suffice). However, it is of paramount importance that a full background check of the plug-ins is conducted via-à-via reviews, support provided and plug in’s responsiveness to user complaints and feedback.
4. Do not be lazy and keep installing the updates regularly that WordPress offers. The updates are there for a purpose, whether it is a small bug fix, better stability or better security. Whatever be the reason the update will enhance the user experience even if the changes are not visible. Updating does seem like a hassle after a while, but the hassle is worth it if it means better security for you. About four-fifths of the hacked blogs are reported to have not installed the latest updates. This is a gamble not to be taken.
5. 41% of If one has their website on a shared server and if any of the website on that server is hacked, it puts your website at risk too. Thus, it is important that the web host can be trusted and that they are questioned about all the security measures that they undertake to prevent such occurrences. Some of the things that one should be on the lookout for here are a Web Application Firewall, the ability to isolate one’s account in case any other website is compromised, systems to detect intrusion and support for the latest PHP and MySQL versions.
6. Your personal computer needs to be adequately protected too. Antivirus protection and firewall to keep malware as far away from your PCs are essential features one must have. Avoid accessing your websites from Internet cafes and other public computers. Along with having a secure and reliable anti-virus protection, not clicking on spammy content or visiting unreliable websites is highly recommended. In spite of having all the necessary security measures on your WordPress security from the hosting end, all your efforts might become useless if your own PC isn’t secure. WordPress security is a two way process with the precautions to be taken both from both ends.
The face of online threat is ever changing and it is one’s own responsibility to stay up to date on how to make one’s site safe and secure. Although the above points should keep a user safe from almost every imaginable security threat, you should also regularly go through the security updates and the featured security pages on WordPress. Better safe than sorry, right?