WordPress Updates and Site Security [Updated March 2020]
If you run a WordPress based website then it’s time to do some WordPress updates to keep your site safe and secure. Today, WordPress has released the Adderley Update to its coding, updating things to WordPress version 5.4.
Most of the update is based around speed and security, and improvement to the Gutenberg blocks for basic page editing. It’s a great time to update your themes and plugins. Security loopholes appear on your site when the software that runs them is not kept up to date. This is how your site can get hacked.
Here are a few of my top tips for keeping your WordPress website secure:
1️⃣ Install a security plugin. These will stop continuous login attempts and people trying to crack your passwords. Using 2 form authentication can improve security even further.
2️⃣ Change your admin username and password. Many web developers use names like Admin, Control, these are easy to guess. Usernames like email addresses are more difficult to guess.
3️⃣ Use strong passwords. Avoid simple words that you can find in a dictionary. Complex passwords including letters, numbers, and symbols are hard to hack.
4️⃣ Take regular backups. A good website host should provide daily and weekly backups. But, like any backup, don’t depend on just one method like your host, after all, businesses can shut down. Tools like VaultPress allow you to backup to various other places, such as Dropbox ensuring your site is secure.
5️⃣ Stop unwanted spam. Install a spam tool like Akismet and turn off comments on pages. Also, add validation tools to your contact forms will stop junk ending up in your inbox.
Are you tech-savvy?
If you’ve tackled all of the above, then a few extra things you might want to consider include:
Rename your login URL. Change your login URL from /wp-admin/ to something more unique.
Used freelancers or external designers in the past? Check the users registered on your site and remove redundant logins.
Secure your WordPress database by changing your table pre-fixes. Again moving away from the standard wp_ prefix makes the database more difficult to hack.
Increase your database password security with complex passwords.
Secure your directories.
Check your security logs regularly and adapt your security technique to what’s happening to your site.
Delete unused themes and plugins.
Use this time to do some essential maintenance on your websites and keep them safe and secure.