15 May Best Security Practices for You WordPress Site
When is the last time you thought about your website’s security? Are you protected against hackers and malware? Do you have a WordPress site like many of GoEpps’ clients? If you’re not thinking about website security, you need to be. In this post, we’ll be highlighting some of the best practices for keeping your WordPress site secure. A more complete list can be found in a post from WordPressBeginner – which is where we’re getting a lot of this information. So after reading these highlights, hop on over to their post!
10 Best Security Practices for your WordPress Site
- Remove any unneeded plugins. Review plugins each quarter to confirm they are needed.
- Require user passwords be updated regularly.
- Use SSL as a standard for all pages.
- Create difficult passwords. Train users to use passwords that have some difficulty and special characters. Remember, get a CLU: complex, long, and unique.
- Don’t use admin as a user name. It is a default username that must be replaced.
- Password protect computers and passcode protect devices that are used to access the admin or hosting accounts for the website.
- Limit login attempts. A number of plugins help with this here: https://wordpress.org/plugins/tags/brute-force/
- Automatically log out idle users.
- Keep regular backups. Getting hacked is bad. Being able to roll back quickly lowers the threat level. Consider options provided with your hosting.
- Use WordPress security keys for authentication. This can be done using the https://wordpress.org/plugins/sucuri-scanner/ plugin.
If you have any other WordPress or website questions, contact GoEpps. We specialize in website optimization to increase web traffic and business leads for our clients across the country.