Website security should always be one of the top priorities for every online marketer. The reasons are simple, but let’s explain this on an example.
If you were doing your business the traditional way – in a brick and mortar manner – you’d make sure that your store or office adheres to all the safety guidelines given by the fire department, construction supervision, or any other official institution.
No business owner wants to see their building on fire or simply collapsing due to some structural abnormalities. The thing with websites is very similar in nature.
If you don’t take care of your site’s security then you’re on your way to seeing it break down and stop you from making money. This really is that serious … the question is not if, it’s when.
Securing Your WordPress Site
There are a number of steps you can take to make your site secure, and we’re going to list them here, but the initial step is to sign up for a good hosting plan. Respected hosting companies provide a lot of security features that will help you keep your sites in good health.
If you’re using a lower quality hosting you can experience a lot of problems for which you won’t be able to find a solution. That’s why saving money on your hosting is truly not worth it.
Update Your Site
You should always update your site whenever a new package gets released. For WordPress blogs there’s a message that comes up at the top of your admin panel. Example:
Updates are important because they always feature some security improvements and fixes of known bugs and backdoors. What we advise you to do is go to your blog right now and make sure that you’re running the latest version of WordPress.
This also goes for plugins – they need to be up-to-date too. Speaking of which…
Security Plugins
There’s a range of plugins you can get to improve your site’s security. Here’s a list of those we consider extremely useful:
AntiVirus. This plugin protects your blog from exploits, malware, and spam injections. It provides a virus alert in the admin bar, and takes care of daily scans.
Secure WordPress. This plugin takes care of a variety of settings that will make it a lot harder for anyone who wants to hack into your site. The plugin removes error notifications on login pages, removes the wp-version info, adds index.html to plugin directories, and more.
TAC (Theme Authenticity Checker). One of the places where your site is most vulnerable is the theme you’re using. You never know what sits inside the theme and if the developer did a good job at making it secure. The TAC plugin searches the source files of every installed theme for signs of malicious code. If it finds something, TAC displays the path to the theme file and the line number. Once you have such knowledge you can take appropriate steps.
Backing Up Your Site
Backups are your last line of defense. In case anything goes wrong (despite your safety precautions) you can always take a backed up copy of your site and restore it. Of course, you have to have this backed up copy first.
There are many ways of backing up a WordPress blog, but the easiest one is, again, by using a plugin. The plugin we advise you to use is Online Backup for WordPress.
It lets you do a full backup of your site (the filesystem and the database) and have it sent to an email address or made downloadable. You can also schedule backups to be done automatically. On top of that, there’s also a possibility to encrypt your backups so no one can use them without knowing the encryption key.
Doing just the small set of tasks described in this article will get you a long way in terms of website security. Of course, there’s no full-proof way of securing a website, but the things presented here are a good start.
What other things are you doing to secure your WordPress site that haven’t been mentioned here?