What is Website Security?
Fundamentally, website security is not about perfectly secure systems. Security is risk reduction, not risk elimination. It’s about employing all the appropriate controls available to you, within reason, that allow you to improve your overall posture reducing the odds of making yourself a target, subsequently getting hacked.
What can I do to improve my WordPress website’s security?
WordPress website security takes time and monitoring. At a minimum, take these two suggested steps to increase security:
- Keep your WordPress core, plugins and theme up to date. Log into your WordPress dashboard. If there are updates, these will be shown in the upper left corner next to your site’s name.
- Use a strong password. The goal with your password is to make it hard for other people to guess and hard for a brute force attack to succeed. Many automatic password generators are available that can be used to create secure passwords.Things to avoid when choosing a password:
- Any permutation of your own real name, username, company name, or name of your website.
- A word from a dictionary, in any language.
- A short password.
- Any numeric-only or alphabetic-only password (a mixture of both is best).
- Back up your website database and files.
- Install a well-known security plugin with a good reputation according to wordpress.org feedback such as:
- Sucuri Security
- iThemes Security (former Better WP Security)
- Wordfence
- BulletProof Security
Want more WordPress security information?
The links below provide detailed information and step-by-step instructions to improving WordPress website security: