Millions use the WordPress platform for their blogs, and since it’s also a great content management system, many also use it to host their websites.
Of course, hackers love popular platforms, so although WordPress is pretty secure out of the box, and they provide regular security updates, it never hurts to ramp up security. Fortunately, you can with a few quick steps.
1. Secure login credentials – WordPress installs generally come with the default username: “admin”. Every WordPress user knows this, including potential hackers. Change it to something a bit more original, and add a complex password.
2. Clean and lean – Clear up server space and lessen potential security holes by removing plugins and themes that you no longer use.
3. Keep it current – Remember to always update WordPress, your themes and plugins, to the lates version as they may contain security fixes.
4. Add a security plugin – There are quite a few security plugins that you can add without touching any code, a dangerous thing for those of us who know just enough to meddle and bring down an entire site. Two standouts are Secure WordPress (700K downloads) and Better WordPress Security (300K downloads)
If you want take a bit more time and go deeper to secure your WordPress blog, check out The WordPress Security Checklist. The checklist covers:
- What you need to do on your local computer to stay safe.
- How to make it easy to keep your site updated.
- Which security plugins you need and how to configure them.
- How to setup a great backup plan so you always have a fresh backup.
- How to get notified if your site gets hacked.
- How to recover if your site gets hacked.
Finally, remember to backup! You can automate the process with any number of plugins including WordPress Backup to Dropbox.