7 simple ways to speed up WordPress
If you are serious about your website, speed is something you need. Here are 7 tips on how to speed up WordPress.Read More
No one wants their site to be hacked. However, hundreds of sites are taken down every day, and millions more are at risk of damage, just because of bad security practices.
(If you’ve been hacked, check out our Security Optimisation and Malware Removal package.)
To get the best security on your WordPress site, it’s always recommended that most improvements should be implemented at a server level, not the WordPress level. That’s why the most popular security tip is always “get a great host”.
Our clients know this first hand. After all, our Managed WordPress Hosting service is not the cheapest out there, but they understand that it’s a great investment. They may have signed up for the speed improvements we offer, but they stay with us because they don’t have to worry about their site going down. They can sleep like babies, safe in the knowledge that their site is in good hands.
Having said that, there is always something else you can do as a user to make your WordPress site even harder to hack. Here is our official list of seven easy steps:
Like any price of software, WordPress and its themes and plugins receive constant security updates. Keeping these applied are so important that we made it ground zero for this list.
If your site is out of date, stop reading this article, back up your site, and run those updates.
WordPress makes it easy to see and apply all updates through the update icon in the admin bar and the updates menu in the Dashboard. If it’s all too stressful, our Managed WordPress Hosting updates for you every day.
Create one account with high permissions (Administrator) for safe environments like home, and one with low permissions for use “on the road” (Author). That way, if your Author user account gets hacked, the damage won’t be that great.
#protip: Never use the username admin or administrator.
This goes beyond WordPress. For instance, never use the same password you used for Facebook on your Gmail account. If one gets hacked, then they’ll all get hacked. Too difficult to remember, you say? That brings us to the next tip:
Choose a password manager that will integrate seamlessly with your laptop and your cellphone. 1Password is great, but there are plenty to choose from — choose one, get it set up now, and make sure your master password is at least 12 characters long.
Dodgy connections like the free wifi at the mall pose a security risk, especially if the connection is not password protected.
But if you absolutely need to use that free wifi, always be sure to connect using a https protocol (instead of the insecure http). And if you don’t have a SSL certificate on your site, please contact us so we can buy you one: it will even help with SEO.
Think of a Virtual Private Network as an iron tunnel which protects and encrypts all of your data. It has its cost (in money and slight delay in connection), but it is well worth it, especially if you often connect “on the go”.
You can install a free plugin in WordPress that will enable two-factor authentication for you (or if you’re one of our clients, just drop us a ticket and we’ll do it for you).
All of the sites we manage have 14 days of backups included on Amazon S3 infrastructure, but you can never have too many backups. If you’d like to add a third-party backup, we highly recommend VaultPress by Automattic — it’s secure and performance friendly.
Remember that security on the web is more of a journey than a goal.