If you have a WordPress blog or a website, you may be wondering how am I supposed to keep it safe from hackers and from accidental changes or deletions?
In my previous post I described how I had five sites hacked, and what I did about it.
In addition to any kind of fancy modifications or security plugins, there are a few easy
steps you can take right now within the next few minutes to make sure your WordPress
website is secure.
The first three things you can do are:
- only connect to WordPress on a secure WiFi connection,
- only use trusted plugins, and
- keep WordPress up to date.
Do you know that when you connect to a website using unsecure WiFi, which means
airport WiFi, Starbuck’s WiFi, public WiFi, that anyone can see your username and
password? That means when you connect via FTP or simply log into your WordPress
dashboard anyone can see exactly what your username and password is and join for
That’s why it’s very important to only connect to your WordPress site and only connect to
FTP if you have an SSL connection or you’re connecting a cellular 3G network instead of
WiFi. If you don’t know what any of those things are, then simply make it a point to only
connect to your FTP website and WordPress from home instead of in public.
Next, only use plugins that you trust. Are you aware that any WordPress plugin, if it so
chooses, can have access to your entire WordPress site? All of your users, all of your
content, most of the time, to every single file on your website.
That is the reason why it’s very important that you only use WordPress plugins that you
trust. Don’t go out and install 200, 300 plugins just because they all seem like they have
cool features. If a plugin is brand new, if no one seems to be using it, that is not a good
sign, and it may be a Trojan Horse kind of plugin where someone had simply put it out
on the internet in the hopes that someone else will install it on their website, and now
you have given the hacker complete access to your files and your content.
Finally, a very easy way to secure your WordPress blog is to keep WordPress up to date.
People find security holes all the time, and WordPress is quick to fix those holes, but it
does you no good unless you update your blog to the current version, which is
safeguarded against most attacks.
Luckily the most current versions of WordPress have a single button you can click to
update it, which means it downloads and installs the most recent version so you are now
Backup your blog quickly and easily at Backup Creator.