For most businesses, the idea that their website can be or will be hacked seem far-fetched. But the reality is that any website can be hacked. And it is not only big companies that are targeted. Hackers are everywhere and they run a well-organized business of accessing your data and using it. Nowadays kids really do it for the fun!
Here are a few ways you can make sure your WordPress website is safer from the rest.
Make sure you run the latest version of WordPress
A recent survey by SSL revealed that less than half of WordPress site is up to date when it comes to their version of WordPress. Some are even multiple updates behind. Although updating your WordPress system is a hassle, being hacked is a bigger hassle. On this note, make sure you hide the version of WordPress. Depending on the setup, the WordPress version number is easily visible to everyone. If a hacker gets a hold of this version number, it is easy to know how to gain access. Several WordPress security plugins like “Wordfence Security” can help you hide this version number from people snooping around for it. If you are hosting with us (iAdminWP) then we already do this step for you.
Don’t use the word “admin” in usernames for your login
Most people when installing WordPress think using the word “admin” is a way to tell that they are the administrator of the website. This is very insecure and you are making yourself an easy target. Please read this article “What is that password” to make a good password.
Change your login URL
Another way to keep hackers out is to keep them from finding your login page. Again, the default setting on WordPress is “wp-admin” or “wp-login” but you can easily change it to something more complex. This adds an extra layer of security to your WordPress site.
Switch on the 2-factor authentication
This is something your web administrator should be able to do quite easily. By doing this you significantly increase the security of your site. This authentication sends a one-time-password that is sent to your phone or email each time you want to log in. It is a bit of a pain to keep this up, but it will definitely keep hackers out as they will need access to both your site and your phone or email account.
Get your SSL certificate
This encryption ensures that any data that is being transferred is encrypted. That way if hackers get the information, they won’t be able to make any sense of it. This encryption is especially important if you are planning to accept payments online or if you have multiple users logging into your website. Most good hosting companies will include it as an added benefit.
Not all plugins are to be trusted
Nowadays everyone is creating plugins for WordPress and some of these can actually be viruses or other kinds of malware that can harm your site. WordPress plugin repository is safe because there are developers that check each plugin before it is uploaded.
Make sure your site is backed up
This is your last line of “defense” and possibly the most important. Even if you do all the above, there is no guarantee that your site is safe. So you need to keep a backup of your site that is updated regularly so that you do not lose information unnecessarily. iAdminWP take backups seriosly and that is why we do Local and Cloud backups!