Our Blog

Web hosting news & updates for UK small business hosting customers

3 WordPress Security Tips

Posted by sbh-admin on 23 09 2016.

WordPress has many uses. It can be used on personal blogs, it can be used personal portfolio websites, and it can be used by companies for their main websites too.

WordPress’ biggest headline feature is the way allows users to very easily update the content on their website without knowing how to code. Everything can be managed from within a single portal where you’re able to do absolutely everything you need to do to keep your content fresh.

WordPress isn’t, however, perfect. As with any piece of technology, it can be compromised by hackers. While we do what we can to prevent this from happening, there are some things that the owner of the website needs to do themselves to keep their WordPress installation secure.

Below, I’ll list 3 key things that you should be doing to ensure the security of your website. While this isn’t an exhaustive list, it will point you in the right direction.

Keep WordPress up-to-date.

This point is arguably one of the most important. WordPress is the same as any other piece of software in that it needs to be kept up to date to ensure vulnerabilities are plugged.

In the same way that your computer and mobile phone receive updates, WordPress is exactly the same. It’s crucial that you update both WordPress and all of your plugins and themes (where possible).

It’s worth mentioning that you should take a backup of both your website and your database before installing updates.

Change your WordPress passwords frequently.

Another vital security tip is to change your WordPress password frequently. The password should be secure, too. The best way to do this is to generate secure passwords using freely available tools and to secure them in a password safe. While we can’t advise you of which service to use, there are many available to find from reputable companies on the Internet.

Please note that the same advice applies to anything else on the internet that requires a password. It’s also important to make sure you don’t use the same password on multiple websites. Try to keep everything separate.

Remove unnecessary/unused plugins and themes.

WordPress is remarkable in the way that users can install Plugins and Themes from the WordPress Plugin and Themes repository that can add functionality to their WordPress website by adding things such as contact forms or photo galleries.

WordPress also allows you to install themes which you can use to make your website look unique and fresh.

However, very few of these plugins and themes are made by WordPress themselves. This means that developers of plugins can stop releasing updates for their plugins whenever they want. Keeping unused and out-of-date plugins and themes installed on your WordPress could increase exposure to security vulnerabilities and bugs.

What to do if you suspect your website might be compromised:

If you suspect your website might be compromised, the first step should be to contact your web developer, or failing that, your IT Support company. Both of these people are likely to know your website inside out and should be able to help.

If they agree your website is compromised and need anything from us, please get in touch via the Client Management Portal and we’ll be happy to help!

Comments are closed.