Three Top Tips to Keep Your WordPress Site Safe

Having your website hacked can be one of the most frustrating things to happen as a website owner. Earlier this year, WordPress websites saw one of the most complex attacks ever as an impressively large botnet (over 90,000 individual IP addresses in total) attempted to attack thousands of WordPress sites the world over. If the importance of keeping your WordPress site safe hadn’t hit home before, then it certainly should now.

Need more convincing? Then read on…

Stats and Facts

Do we have you convinced? If so, read on. If not, we’ll try not to say we told you so..

No More ‘Admin’

No, we’re not suggesting you neglect the administration of your site, just that you need to change your username.

You’d be surprised at the number of people who have keep the default ‘admin’ username, so it’s time to make a change. The mega-botnet we mentioned earlier specifically targeted sites who had failed to change from the standard username.

Delete ‘admin’: Once logged in to your WordPress site, select ‘add user’ under the ‘User’ panel on the left-hand side. Input the required information to create a new account.

Log out, then log back in as the new user. You will then be able to delete the ‘admin’ account by hovering over the ‘admin’ username once you have selected ‘Users’ in the side panel.

Strengthen Your Password

Not to state the obvious, but a little gentle reminding can sometimes go a long way. Whilst you’re setting up your new account, make sure you set a strong password whilst you’re there.

As we said, it can take just 10 minutes to crack a 6-letter password; whilst most websites won’t allow you to create a password under 7 characters, we strongly advise you to choose one at least double the length – the longer the password, the harder to crack. It goes without saying that you should add some symbols and numbers in there too, and if possible replace letters for either where possible; for example: apples and pears becomes app!e5&p3ar5.

Install Useful Plugins

Better WP Security – this plugin has been well received in the WordPress community, and works by hiding any vulnerabilities on the site from attackers, increasing password security for protection, ensuring unwanted visitors are blocked and constantly monitors the site. It will also aid in the event of an attack, through proven recovery techniques, preventing further stress for web owners.

Akismet – don’t be fooled by the activation key request – this plugin is entirely free; just request the activation key from the WordPress page. This is an anti-spam plugin and ensures only comments from genuine visitors will appear on your blog posts. Goodbye link-building farms!

BackUp WordPress – another key part of keeping your WordPress site safe, is ensuring you keep on top of your updates. Updates often appear at the top of the page when you login to your WordPress site – but before you update, you need to ensure your site is fully backed-up. This plugin will back-up much needed files, allowing you to update regularly.

About the author: Anna writes on behalf of Solar Communications. Solar are a provider of unified communications solutions in the UK. Using WordPress operating systems for the Solar website, we strive to share the WordPress knowledge we have developed. We have been developing WordPress plugins and extensions and recently launched a free Google, Yahoo and Bing Pay Per Click (PPC) Call Tracker Extension, enabling business to track the number of telephone call’s generated through PPC advertising campaigns.

Be Sociable, Share!
You can leave a response, or trackback from your own site.

Leave a Reply