Is your site at risk for getting hacked? When you don’t update your WordPress site, you are risking your website security.
#1: Keep everything updated
Every month we’ll upgrade your WordPress install and all plugins. Content Management Systems (CMS) are so common, hackers scour the web looking for known vulnerabilities in old plugins.WordPress is by far the most popular, so we take extra precaution to secure your database, install, and hosting account. If we are notified of a new, critical security vulnerability, we will get on it right away.
#2: Keep it secure
Keeping your site up-to-date isn’t the only thing you can do to keep your site safe from attacks. We like to use a plugin that blocks X amount of failed login (hacking) attempts and locks them out for X amount of time. This stops attacks immediately, especially hackers who try to use weak username and passwords. IP addresses can be blocked, as well as entire countries.
#3: Make Backups
We’ll make weekly backups so if there is an update (or you!) that messes something up, we can restore from recent files. We can do backups automatically or manually.
(Once we updated to a new wordpress update and the client’s theme went whacky. Turns out WordPress created a new theme that had the exact same name as the clients. We restored from backup.)
#4: Use strong passwords
Make sure you use strong passwords that have both lowercase, uppercase, numbers, and special characters for your domain, hosting, and WordPress accounts.
(Once a client’s hosting site got hacked and was redirecting to a porn site. Google caught on and marked it as an unsafe site. This makes people think twice before clicking on your site in a search.)
The four items above is essential in today’s WordPress sites. We train our clients how to do this themselves, or if they prefer, we take care of all the details.