WordPress Security

The security of your website is something most people don’t think about until it’s too late.

If you had a shop you wouldn’t go out and leave your front door and till wide open with nobody there would you? Think of your website as your shop.

It’s better/quicker/cheaper to plan for and prevent any problems, than it is to try and fix things after the event.

First, you need some WordPress security…

Passwords

The first step is to use decent passwords. Avoid using words at all, use a password generator to produce a set of random (upper and lower case, numbers and symbols) to the use as your password.  If you have a website designed and built by Web SEO Assist, then you should have a password to your website that consists of approx. 24, completely random, jumbled letters (both upper and lower case), numbers and characters. It’s not a password designed for you to remember!

We also install, and more importantly, set up security plugins to watch and protect your website. Set to report back to us in the event of any suspicious activity.

I don’t want to scare you, but some of the websites I manage have literally thousands of probing attacks every day. Mostly from Russia and Eastern Europe, but also China, Brazil and America. The security software stops them in their tracks and I have never (touch wood) had a breach.

Most hacks are for three purposes – to advertise something on, or link to something from your website (usually porn or suchlike). To use your website to send out malicious or phishing emails. Or, for ransom i.e they have control of your website and to get it back you must pay $500.

Backups

One of the most important things, is to have a full back up of your website that can be swapped into place quickly if needed. This backup shouldn’t be stored on your website or even the same server your website is on, because if there is a problem getting access to your website or server, you can’t get to your back up either.

Updates

Updates – Your website is made up of several elements. If it’s one of ours, it has a WordPress core running a Divi Theme, likely a child theme of some kind and various plugins. Each of these will have quite regular updates. It is REALLY important that all of these are kept up to date. A lot of the updates are due to security loopholes being found and fixed.

Be warned, some themes and plugin updates can conflict with each other and cause your website to crash or stop functioning correctly, so always backup your website first and, ideally, test the update on a website that isn’t live.

For our Maintenance and Support clients, we have two backup systems that overlap each other. One stored on a server in a different country and one stored on a separate server to the websites, here in the UK.

We also set up monitoring on each website to keep track of uptime 24/7, 365 days a year. As well as updating themes and plugins once we’ve checked for issues. Normally, we know there’s an issue before you do.

WordPress Security is something to think about now – before it’s too late.

Well, that’s it until next week.

If you have anything you’d like me to explain in a blog, drop me an email.

Best wishes

We build WordPress websites primarily for local businesses, mainly in the Oxfordshire area. If you’d like to get in touch to see how I can help your business to get on line or improve its online presence, then drop me an email: [email protected]