If you don’t want to get burned, wear sunscreen.
And if you don’t want your WordPress website defenseless against hackers and other malicious activity…you better take some preventative measures.
WordPress accounts for more than 17% of all websites on the Internet. So with that kind of a presence it’s no surprise that WP is often targeted. However, it is fairly easy to protect yourself.
Your first line of defense is choosing a secure WordPress foundation like the Genesis Framework. So <fist bump> to those of you rockin’ Genesis!
Here are 4 additional preventative measures you should take:
(1) Update your WordPress core and plugins regularly.
The WordPress gurus at Automattic work around the clock to protect your site from vulnerabilities. So when they release an update, be sure to do your homework by staying up to date. And be sure to do the same for your plugins. Expired plugins can wreak havoc on your site, and they taste bad (like expired milk).
(2) Don’t use dumb passwords.
Seriously. One of the biggest mistakes you can make is using the default “admin” for your username and accompany it with a password found in the dictionary. So either choose a very unique password, or change your password occasionally. The best passwords are a combination of numbers and a unique word.
(3) Consider using a security plugin.
If you want to take extra measures from “sophisticated” hackers, you might want to use a plugin like “Login Lockdown” which gives the boot to anyone trying to login after a few failed attempts. Other safeguarding options: WP Security Scan, Wordfence Security, Better WP Security.
(4) Back that thang up!
Save yourself the headache and the freak out should you get hacked and your site goes down! Backup your site regularly with Backup Buddy, unless you are using a superb host like WP Engine (they will do that dirty, but extremely crucial work for you)!