Over the years, WordPress has quickly become the most popular open source publishing platform online. All this popularity appeals to hackers. Learn how to keep your WordPress blog secure.
Keep WordPress Updated. First and foremost, if you want to keep your WordPress blog as safe and secure as possible, keep it up to date. WordPress makes this easy for you to do by providing you with ‘one click’ automatic updates. Also, warning message will flash on your dashboard letting you know that your blog is out-of-date.
Limit Your Plugins. While plugins are pretty cool, they can also cause a security risk. Many plugin developers aren’t very skilled programmers, and sometimes they can write code that opens up security holes in your blog. Also, some plugins can create conflicts within your database and cause your blog to even crash. If you find a plugin that you like, you should do your research. Read what other people are saying about the plugin first. You may find that you pass on quite a few plugins after reading what others have said about them.
Usernames and Passwords. You should change and even delete your default username ‘admin’ to something different. If you have been using the default user for awhile, you will need to import your posts to the newly created user before deleting. Your password should be very complicated. Don’t worry about forgetting it. As long as you have your email address included in your profile, you can easily have the system generate a new password and email it. Change your password often, and seriously… make it very hard to figure out. Use a mixture of uppercase / lowercase letter, numbers, and even strange symbols.
Web hosting and Server Software. This is something not many people think of. Even if you’re being proactive against attacks, if your web host isn’t, then you can easily get attacked simply by their neglect. Make sure your web host is using current software. If you’re a HostGator.com or SEOHosting.com customer, you can count on your server software being top notch.
Backup, Backup, Backup! You should make daily backups of your server as well as your WordPress blog. If something bad happens to your blog, your host provider can provide a lot of help if you have a backup copy of your blog. Most server software, such as HostGator.com’s and SEOHosting.com’s include backup software.
What are some things that I missed? What else can be done towards keeping WordPress safe?