Website Security Tips
Today, close to 30% of the world’s websites are created in WordPress, largely because of its ease of use and robust content management system (CMS) which simplifies the process of making simple site updates such as the posting of blog content. With the rise in popularity of the WordPress platform, there has also been a corresponding rise in the sophistication of the methods used by hackers as they try to gain access to WordPress based websites to steal bandwidth or data; to embed hidden pages or to send spam emails; to steal your content; to disable your site and hold it for ransom; or simply to cause damage. Website managers and clients alike need to act proactively in order to minimize the risk of unauthorized access and to limit the damage that can result if a hacker should gain access to a website.
Websites built on the WordPress platform have many component parts, most of which are continuously being updated by their developers. These updates may be to improve functionality; mitigate vulnerabilities or to fix discovered bugs or other problems. It is always good practice to keep your website software updated to ensure it continues to operate safely and securely. Like all WordPress sites, your website will become exposed to greater risk over time if components are not updated or replaced as they become vulnerable, discontinued, unsupported or even incompatible with other parts of the website.
Good Site Practices
Here are a few tips that can help you avoid potential problems and help you be better prepared for any potential site failure.
- Use a minimal number of Plugins to manage your website
- Remove Unused Plugins and Themes
- Keep all Plugins and Themes up to date
- Minimize the number of Users
- Upgrade Passwords to 12 to 16 characters/numerals/symbols
- Limit Login attempts
- Backup your website often
- Backup your website before installing major software updates
- Store your backups offsite, on a remote server
- Secure your site with SSL
Develop a Crisis Response (Disaster Recovery) Plan
Disaster can strike at any time. The best defense to protect your business is to be adequately prepared for rapid recovery with minimal loss of data and with minimal down time.