The Top Three Ways To Secure Your WordPress Blog

Blog

 

If you have a WordPress blog or a website, you may be wondering how am I supposed to keep it safe from hackers and from accidental changes or deletions?

In addition to any kind of fancy modifications or security plugins, there are a few easy steps you can take right now within the next few minutes to make sure your WordPress website is secure.

The first thing you can do is only connect to WordPress on a secure WiFi connection, only use trusted plugins, and keep WordPress up to date.

Do you know that when you connect to a website using unsecure WiFi, which means airport WiFi, Starbuck’s WiFi, public WiFi, that anyone can see your username and password. That means when you connect via FTP or simply log into your WordPress dashboard anyone can see exactly what your username and password is and join for themselves.

That’s why it’s very important to only connect to your WordPress site and only connect to FTP if you have an SSL connection or you’re connecting a cellular 3G network instead of WiFi. If you don’t know what any of those things are, then simply make it a point to only connect to your FTP website and WordPress from home instead of in public.

Next, only use plugins that you trust. Are you aware that any WordPress plugin, if it so chooses, can have access to your entire WordPress site? All of your users, all of your content, most of the time, to every single file on your website.

Secure your WordPress blog Using Recommended FREE Plugins !

That is the reason why it’s very important that you only use WordPress plugins that you trust. Don’t go out and install 200, 300 plugins just because they all seem like they have cool features. If a plugin is brand new, if no one seems to be using it, that is not a good sign, and it may be a Trojan Horse kind of plugin where someone had simply put it out onto the internet in the hopes that someone else will install it on their website, and now you have given the hacker complete access to your files and your content.

Finally, a very easy way to secure your WordPress blog is to keep WordPress up to date.  People find security holes all the time, and WordPress is quick to fix those holes, but it does you no good unless you update your blog to the current version which is safeguarded against most attacks.

Luckily the most current versions of WordPress have a single button you can click to update it, which means it downloads and installs the most recent version so you are now protected.

15 Comments

  • Pauline

    Reply Reply March 1, 2014

    Hi Darren very informative blog. I shall follow up on this.
    Well done.

    • darrenhudson

      Reply Reply March 1, 2014

      Hi Pauline ,

      Thanks a lot for your comments much appreciated , hope you do follow up on it :)

      Cheers
      Darren

  • igor Griffiths

    Reply Reply March 1, 2014

    Well hello Darren, in a world where we are looked as odd if we are not permanently connected to the Internet you highlight many reasons why this is not always a good idea, even if we are creating the post that will rock our readers world!

    You mention the issue of plugins and of course even if you have 100% reputable plugins, the sad truth is that not all of them work well together when put on the same site.

    This is why I have a development WP installation that has all the plugins I use on every site, this allows me to test any new plugins for conflicts and corruptions before risking my live sites. This is especially important when it comes to updating WordPress and the plugins, as during the last major upgrade many plugins had to be removed until they were updated for that version of WP.

    igor

    • darrenhudson

      Reply Reply March 1, 2014

      Hi Igor ,

      Thanks for your comments and I couldn’t agree more with you, about most plugins not working well together your right there too but also when you install the updates sometimes they conflict even if they didn’t beforehand .

      There was one fine example the other day experienced by a few people I know of with the Jetpack Plugin , they ran the update and it conflicted and they had to go in Cpanel and remove a file to make it work again . But I’m a No Fluff No Hype guy so guess I’m trying to keep it real for people :)

      Regards

      Darren

  • Gill Potter

    Reply Reply March 1, 2014

    Hi Darren

    I enjoyed reading your post and I must admit I didn’t know about a couple of points you made.

    I didn’t realise how insecure WiFi hotspots are, I don’t really use them that much but I’ll certainly think twice about which websites I go on when I do.

    As a relative newbie to building sites, I was amazed at the information you gave about Trojans attached to some iffy plugins. I tend to only go for those who have been recommended by reputable marketers but Igor gave some sound advice about testing them on a separate WP site. I’ve heard about cloning sites but don’t really know too much about it but I think I’ll have to look into it a bit more.

    Thanks again for the advice.

    Gill

    • darrenhudson

      Reply Reply March 1, 2014

      Hi Gillian ,
      Thank you for your comments , yes it really makes you think doesn’t it ? Anyway mmmmmm cloning sites that could be an Idea for my next post ha ha .

      Regards

      Darren

  • brian

    Reply Reply March 1, 2014

    Hi Darren.
    Wow, I didn’t realise about connecting to my wordpress from an unsecured wifi connection.
    I always wanted my office to be the local coffee shop, now is plan b time.
    Keep up the great blog. You have some great info to share.
    Brian

    • darrenhudson

      Reply Reply March 1, 2014

      Hi Brian ,
      Thank you for your comments and pleased you found it useful and informative .

      Regards

      Darren

  • Karen Thomson

    Reply Reply March 1, 2014

    Thanks for this Darren. I’ve worked with plenty of clients too that think the username is perfect at ‘admin’ and the password ‘pass1234’ !!! Gotta make sure you just don’t leave the welcome mat at a wide open door :)

    • darrenhudson

      Reply Reply March 1, 2014

      Hi Karen ,
      Thank you for your comments , yeh it’s scary when you think about no wonder so many people get hacked and it’s mainly through lack of knowledge or ignorance thinking they’ll be ok until it’s too late .

      Regards

      Darren

  • Steven Cousley

    Reply Reply March 2, 2014

    Very good advice Darren. It’s easy to be connected to “free Wi-Fi” these days. Most people will do it without giving a thought to security. They just don’t realise that there can be a catch. Personally I tend to rely on my mobile devices 3G service(or 4G if I ever travel anywhere with service). It’s not a perfect solution but adequate for checking emails, blogging and visiting websites.

    • darrenhudson

      Reply Reply March 3, 2014

      Hi Steven ,

      I only use my laptop at home nowhere else , when I’m out I only use my Iphone to answer emails etc . Atleast my post is doing it’s Job it’s making people aware including you , so that’s a result in my case ha ha .

      Thanks for the comment

      Darren

  • Sky Nealon

    Reply Reply March 2, 2014

    Hi Darren,

    Excellent post about security here and for confirming my doubts about using wifi in public places. It’s a shame that as the world gets more connected, people get more complacent and many in the midst of things forget the basics of security i.e. like you mentioned about checking to make sure that one is using a secure connection, keeping wordpress updated and installing only plugins that are necessary, but to also keep one’s own computer secure i.e. from running regular scans for viruses, trojans, keyloggers, putting a password on the home wi-fi network, deleting browser history and settings after each internet session, making sure to keep a regular backup, and not storing personal details on computer etc….

    Anyway, congratulations on getting your 10th blog post up, keep the great post coming

    Sky

    • darrenhudson

      Reply Reply March 3, 2014

      Hi Sky ,

      Thanks for the comments and engaging in it , yeh most people are complacent but also making themselves targets too without even realising it. If this post can educate more people the better it’s doing it’s job :)

      Regards

      Darren

Leave A Response

* Denotes Required Field