As you might have noticed, there are more and more worldwide attacks on websites happening and we all need to do out part to keep our websites safe and secure. Unless you have subscribed to a maintenance/security program with them, DON’T RELY ON YOUR HOSTING COMPANY TO DO THE WORK FOR YOU.
Here are some tips that you can follow to decrease the changes of being attacked.
1)SECURE USERNAMES AND PASSWORDS
-don’t use the admin user. You can find out here how to change it if that’s the case.
– use strong passwords (not your name, your website name or your kids names!)
2) DEACTIVATE AND DELETE ALL UNUSED PLUGINS AND THEMES
Plugins and themes are not only slowing down your website, they are one way for hackers to get into websites. It’s a good habit to delete unused plugins and themes when you don’t use them anymore. You can always keep one extra theme for the time when you update your theme and need to temporarily switch back to another them to run the update.
3) RUN REGULAR BACKUPS STORED OUTSIDE OF YOUR WEBSITE
If you don’t already have a backup system, now is the time to get you one 🙂 I recommend using backupbuddy, whatever you choose make sure that you can also safely restore from the backup yourself or have good response time if that is done through support.
4)MAKE SURE YOUR WEBSITE IS UP TO DATE WITH WORDPRESS, THEMES AND PLUGINS
Don’t take this advice slightly. This is exactly what hackers rely on to get to websites (that and poor hosting quality)
5) CONTROL THE ACCESS TO YOUR WEBSITE THROUGH SECURITY PLUGIN(S)
I like to recommend wordfence and Better WP Security, both have a free version and allow you to scan your website for malware and get notified when someone tries to login to your site.
You can install both plugins from your wordpress dashboard by going to plugins/add new and search for their name.
With Wordfence you can:
A) scan your website
B) check login attempts and get email notifications when someone logins to your site
You can see the attempts from your dashboard
And you can also receive email notifications every time someone tries to login
Better WP Security:
I also like to run Better WP Security to limit the number of login attempts:
6) CONTROL THE ACCESS TO YOUR WEBSITE THROUGH SECURITY PLUGIN(S)
Periodically run a sucuri check on your site (it’s free).