Dr. Rachna Jain

10 Steps to Secure your

WordPress Site

Create Difficult Passwords For Your Logins

• 16 characters

• Include uppercase, lowercase, numbers, symbols, and spaces

• Do not use the same password for everything

• Change your passwords often, approximately every 90 days

• Keep your passwords secure

Hide Your Administrative Pages

• Hiding the link to these pages makes it more difficult for hackers to gain access

• Name these links something other than /admin, /login, or similar

Set Up New Logins

• Set up new logins for anyone who needs access to your site

• Delete these accounts as soon as their access has ended

• Even if YOU practice excellent security, it doesn’t mean that everyone else does

Invest In A Monitoring Service

• These services can keep track of your site and “harden” it from attack

• No one service protects against everything

• That is why it is crucial for you to maintain good site habits even if you invest in a monitoring service

Keep Your Site Regularly Updated

• Each time WordPress, your theme, or plugins have an update, check it out and make sure it’s stable, and then apply this to your site

• If you don’t have someone to help you with this, we offer WordPress website services and can do this for you!

Add SSL To Your Site

• SSL- Secure Socket Layer- can add an extra measure of protection

• Sites without it are being flagged by web browsers as potentially unsafe

Avoid Adding Plugins Unless Absolutely Necessary

• Not all plugins available through WordPress are coded well

• Add plugins carefully and delete anything you decide not to use

• Only load plugins that are approved in the WordPress repository

Avoid Custom Code If Possible

• Custom code is only as secure as the programmer who coded it

• If you obtained code from a third party, ask them how the code is secure, and what steps should be taken to keep the code secure going forward

Delete Any Extra Themes Or Plugins You Aren’t Using

• Reducing the amount of unused items in your site reduces the number of potential doorways a hacker can use to access your site

Scan Your Site With An Antimalware Plugin

• We recommend Antimalware

• In addition to practicing all the steps outlined in this slide, make it a regular habit to scan your site for malware weekly