Improve your WordPress website security in 5 minutes
WordPress is currently the most commonly used content management system on the web. It’s well supported, open source and easy to use. There is a downside, however – its popularity makes it a prime target for hackers.
Installing the following plugins can help keep your WordPress website safe.
WPS Hide Login Plugin
Most WordPress websites are accessible via the wp-admin.php file, such as: https://www.yourwebsite.com/wp-admin
WPS Hide Login is a lightweight plugin that simply allows you to choose an alternative URL, such as: https://www.yourwebsite.com/loginhere
The wp-admin page returns a 404 error, which makes it more difficult for hackers to use brute force entry.
Read more and download the WPS Hide Login plugin.
Loginizer blocks IP addresses that try to login multiple times with incorrect passwords. You can set the number of password failures and the length of the timeout. It’s easy and effective – so much so that many WordPress hosts install it as standard.
Read more and download the Loginizer plugin.
Wordfence Security Plugin
Wordfence is a paid-for premium plugin with a limited free version. The free version is certainly worth installing before deciding whether to upgrade to the paid subscription.
Wordfence can permanently block IP addresses that try brute force logins. You can also manually blacklist IP addresses. It will periodically email you with notifications such as when a plugin needs to be updated. It also notifies you of any recently updated files.
Wordfence features a firewall to block malicious traffic. Its malware scanner checks themes, plugins and core files for code injections, malware, backdoors, bad URLs, SEO spam and malicious redirects.
It offers multiple security features and is well worth reading about in more depth here.
Keep your installation and plugins up to date
When you’re running a business, it’s easy to neglect your website for months at a time. It’s worth spending a few minutes every week to make sure your WordPress installation and plugins are up to date.
Be aware, major upgrades can (very rarely) break some of the design or functionality of your website, so it’s important to back-up the site. A great way to do this is with the All-in-One WP Migration plugin. Simply export and download a zip folder backup of your entire website.
Important: before installing any WordPress plugin, check the latest reviews and how recently it was updated. Discontinued plugins, or those that haven’t been updated recently, may pose a security risk. Only install plugins from the official WordPress website: https://wordpress.org/plugins/.
WordPress website design and build in Bristol and the South West
Do you need a new WordPress website for your business? I design and build WordPress websites, tailored to your business requirements. Take a look at my portfolio to see if I would be suitable for your needs.
DATE July 2019 | CATEGORY WordPress