5 Tips: Security Of Your Wordpress Site

By CertifiedHosting 07/24/2013

5 Tips: Security of Your WordPress Site

All right, everyone. It’s time to harden your WordPress security. This issue is of the utmost importance, especially given the recent, wide-scale botnet attack on WordPress sites.

We’ll review thoughts on WordPress security from two main sources: Search Engine Journal  and WordPress itself.

1. Best Practices for WordPress

First of all, let’s look at basic best practices for WordPress.

Here is a brief rundown (per SEJ):

1. Get the most recent updates of both WordPress itself and all your plugins ( we have a handy tutorial for that )
2. Nix any plugins that are unnecessary (that’ll also speed up your site)
3. Create intricate passwords (to optimize, use a random password generator for this task, such as Perfect Passwords, then update your password.
4. Back up all your site data at regular intervals (as occurs with a quality hosting provider , but do so yourself as well, as an added precaution)
5. Use .htaccess (which stands for hypertext access).

2. Security of Your WP Access Device

Per WordPress, you want the computer, or whatever machine you’re using to access the Internet, to be free of any malicious software, such as spyware. Keylogging allows intruders to see whatever you’re typing, so your passwords become their passwords too.

Additionally, ensure that your OS and all your software, particularly the browser, are always updated with the latest versions.

3. Plugins for WordPress Security

Search Engine Journal lists three plugins that can help you enable better security on your WP site:

Better WP Security: Though this plugin is comprehensive and impressive, it does make changes to your database. Study the FAQ for it before installing.

Wordfence: This plugin automatically blocks IP addresses attempting to spam your site. It also places parameters on login efforts and tracks visitors currently on your site.

BackWPUp: It’s great to have a free, automated way to back up your site – both the files that comprise your site and the database. That’s what this plugin does.

4. Security of Your WP Server

Again from WordPress, it’s crucial to ensure the server you’re using is highly secure. That’s one reason storing your site with a highly reputable and dependable hosting company is important for WordPress success.

Specifically, you want the most up-to-date and high-quality server and server-based applications. Also, if you use shared hosting  (the most affordable option), you can experience problems due to the behavior of another tenant on the server. Dedicated hosting is another option that gives you a server of your own.

5. Free WordPress CDNs
Finally, one more recommendation from Search Engine Journal: look into content delivery networks. Two are specifically mentioned (comparison here):

PageSpeed: This CDN is a Google product. Of course, Google is highly focused on security, so its systems are preferable to many of the alternatives.

Google PageSpeed Service

CloudFlare: This CDN, like PageSpeed, monitors all visits to your site and makes it less likely that you’ll get hacked or otherwise abused.

Cloudflare Security - Source Cloudflare.com


All right, we’ve done it. You should now know basic, abridged information about WordPress security. One quick thought about Certified Hosting: We know about WordPress security because we host tens of thousands of WordPress-based sites. In fact, you can host unlimited blogs through our hosting plans, starting at only $7.95/month.