12 Steps to take to help make your WordPress site more secure

WordPress security is a big deal.

Imagine this:

You’re up early because you’re excited about finally cranking out that project on your website that you’ve been so excited about.

You’ve got your coffee brewed and the aroma is filling the room; you’re super excited and ready to go.

You sit down at your computer, ready to get to work and open up your browser and type in your website’s login URL.

When the page comes up you’re floored because there is something else on your site that you most definitely did NOT put there.

You feel like someone punched you in the gut and all the air has left the room.

Your site has been hacked.

It sucks. I hear from website owners and they’re desperate to get their site cleaned up.

If they’d only have taken some precautionary steps they wouldn’t be having this problem.

It’s more prevalent than you may think.

Nothing on the internet is 100% secure.

There are big data failures that happen all the time. Just watch the news.

In between the stories on the Kardashians and the weather there just might be a story about how, once again, a big company or organization was compromised.

it’s safe to say that if it can happen to the biggest companies around, then it can happen to us as website owners.

But there are some things you can do to get your site locked up tight. Doesn’t mean that you’re impenetrable, but it does mean that you’re not going down without a fight and you can do a lot to make sure you’ve got yourself covered.

Keeping your WordPress site safe and secure really is a big deal. Here are a few things that I do on my sites to make sure that I keep them locked up tight.

Make a Backup Plan

Make sure you have a plan for backing up your site. I mentioned Backup Buddy in the plugins section so make sure you’ve got that set up and regularly taking backups!

Secure Your Site

Install and configure a security plugin like Wordfence, or iThemes Security. These plugins are easy to set up and will wonders for helping you secure your site!

Use a Secure Password

Pick a secure password. Secure passwords aren’t usually easy to remember, so you can start using password manager like LastPass, Roboform or KeePass. Don’t ever put it in Notepad or any other unsecure document.

Make a local backup

Make a backup copy of your entire website and save it to something like Google Drive, Dropbox, or on your local computer.

Plugins like BackupBuddy or UpdfraftPlus can do this for you.

Always Backup for Running Updates

Make sure you have a backup each time before doing major version update of WordPress core, your theme or plugins.

Disallow Unauthorized Access

Keep those who are testing your security fences away by disallowing unauthorized access. Check out this post on how to add an extra layer of security.

Do Not use “Admin” as your username

In addition to making sure you’ve got a secure password, make sure that you don’t use “admin” as your username. It’s probably the most commonly attempted username to be tried by hackers. Come up with something more unique.

Setup an anti-spam solution

Comment spam is a huge problem for WordPress site owners. Using an anti-spam tool like Akismet, or reCAPTCHA can go a long way in helping keep your site clean.

Keep your login page safe

Good usernames and passwords are a good start to protecting your login page, but I like to use a tool called Login Lockdown that will limit login attempts and provide a variety of other options to keep hackers out of your site.

Configure your domain to use CloudFlare

In addition to being a fantastic CDN (content delivery network) tool, CloudFlare adds a nice layer of security to your site.

Add additional protection to your login page

For those wanting an even greater level of security you can restrict access to your login page altogether.

Learn more about securing your login page here

Use an SSL certificate to secure your WordPress site

Browsers now alert users to unsecured sites that contain forms so make sure you’ve got an SSL certificate in place.

Learn more about setting an SSL here

Download the WordPress start-up checklist here to get everything you need to know about starting your own self-hosted WordPress site.

See Also:

How To Generate Leads For Your Cleaning Business


"Looking for answers on how to generate leads for your cleaning business? I’ve got you covered. What I’m going to show you today is how to get clients for your cleaning business in ways your competition hasn’t even thought about. If your business is going to survive and even thrive you have to have a […]"

Keep Reading...

How To Install & Configure Contact Form 7 | How To Make A WordPress Blog Step-by-Step 2020


" Looking to learn step-by-step how to install & configure Contact Form 7? You’re in the right place! Everyone needs to have a form on their site, even if it’s just for providing your visitors a simple and easy way to contact you without exposing your email address to spam bots. There are a bunch […]"

Keep Reading...

Why should I start a blog in 2021?


"There are several reasons to start a blog now. Despite reports you may have seen or heard about, blogging is not dead. In fact, it’s doing better than ever and it’s going to keep growing. Just like everything else, blogging has evolved, so what blogging was just a few years ago is a lot different […]"

Keep Reading...

WordPress: Self-hosted WordPress


"Self-hosted WordPress is a web application used by bloggers, coaches, content creators, and businesses of all shapes and sizes that allows users to create and manage their own websites by using the WordPress content management framework. WordPress is the industry standard for bloggers and creators of all kinds. It’s a highly flexible, highly configureable content […]"

Keep Reading...

Do I Need To Hire A Website Designer?


"The story goes a little something like this: A mastermind group was meeting and they were going around the table talking about the projects they were working on and the progress they were making. One of the members was talking about his project and how he was trudging along making progress and started to talk […]"

Keep Reading...

What kind of website do you want to build?


"So, now that we have that covered, let’s talk about how the type of website you want to build factors in to the cost. To dig a little deeper in to the previous point about complexity, I’m going to walk you through a few different types of websites and what to be on the lookout […]"

Keep Reading...

Can you pause ClickFunnels?


"Sometimes things get rough, and you need to step back and regroup to figure out what step to take next. First off, it’s important to know that Russell Brunson and the ClickFunnels team legitimately want you to be successful with your online sales funnels. But they also understand that sometimes you get in a pinch […]"

Keep Reading...

ClickFunnels vs. WordPress: which one do I need?


"ClickFunnels vs. WordPress: which one do I need? There seems to be a lot of confusion about ClickFunnels and which tool you need to use for your website these days. Between Russell Brunson declaring a while back that “websites are dead” and the passion of the funnel hacker community, it’s easy to get sucked in […]"

Keep Reading...

How To Set Up The Social Warfare Plugin | How To Make A WordPress Blog Step-by-Step 2020


" The Social Warfare Plugin for WordPress is a great tool to provide your users a way to engage with your content on your WordPress site. Because we don’t want to just feel like we’re shouting out in to the void, right? We spend the time to create what we believe is great content and […]"

Keep Reading...

How To Generate Leads For Interior Design in 2021


"How can you generate leads for your interior design business? Lead generation is the life-blood of any sustainable business. And having a solid, reliable, and proven plan is essential to the process. So if you’re looking for the answer to the question “how to generate leads for interior design”, then you’re in the right place. […]"

Keep Reading...