6 Steps to Keep Your WordPress Blog Safe and Secure

Feel free to share...Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

6 Steps to Keep Your WordPress Blog Safe and SecureWordPress is a great platform to build a small business Web site, but you must stay on top of security measures.  As some of you know, my blog was recently hacked by a bot looking for weakness in my WordPress and/or plugins.  Hackers left thousands of spam comments with embedded links, all of my plugins were stripped from the site, and it wasn’t working very well.  It was pretty much a nightmare and there was no easy fix.  It was tough for some of my readers to find the forms to submit to be a guest on #SmallBizChat or to be a guest blogger. I learned a lot about WordPress in this process that I think you all could benefit from.  Here are 6 steps to keep your WordPress blog safe and secure.

  • Do regular maintenance.  Just like with your car needing an oil change, your WordPress blog should have a basic tune-up regularly.  Make sure you are using the latest version of WordPress and keep your plugins up-to-date too.  It’s easy for plugins to create a conflict in the backend of your WordPress site.
  • Get professional help. Do not diagnose the problem yourself, hire a professional that does website recovery work.  Keep in mind, the person who built your Web site might not be able to determine how to stop a hacker attack.
  • Make sure you have the appropriate hosting option. If you have a site that gets major traffic – over 25,000 visitors a month like this one, a shared hosting server will not cut it.  You might need to look into having a dedicated server, which is pricey, but can provide an additional security options to give you better peace of mind.
  • Keep a list of your passwords and plugins. You should have a permanent file in Google Docs or DropBox with all of the logins to the site and your hosting account. You also need a list of plugins that are being used on your site.
  • Do regular back-ups.  Make sure you have at least monthly back-ups done for your blog. (I do them weekly.) WordPress has a great free plugin for back-ups called myRepono. You can automate your WordPress, website and database backups using the myRepono plugin.
  • Delete the Admin login to your site. You never want to make it easy for people to gain access to your website. By using “Admin” as your login, you are giving hackers half of the information they need to break into your blog – then all they need to do is guess your password to gain access to everything.

If you do these things, hopefully you will avoid the chaos that can happen when your WordPress site is hacked.

“Username Password word” courtesy of digitalart / www.freedigitalphotos.net

Do you have any other suggestions for protecting a WordPress site? 

Feel free to share...Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

Get Your Free Special Report

Sign up to receive my blog posts via e-mail and get a FREE copy of my NEW special report on the 10 Biggest Mistakes In Small Business and How to Avoid Them Privacy Guarantee: I will never share your e-mail address with anyone else.

Comments

  1. Alice says

    Instead of keeping passwords in a document, which is asking for a different kind of trouble, I would recommend using a more secure tool to keep track of them. I use LastPass, which is awesome, but there’s bound to be other good options too. The thought of keeping passwords in a document makes me shudder.

Leave a Reply

Your email address will not be published. Required fields are marked *