I have to admit I love WordPress. I love how I can easily build a client a website and how easy it is for my clients to make changes themselves. But with all the positives of WordPress, it is still open-source which makes it vulnerable to hacking. The good thing here is that there are ways to harden your website to protect it from intruders.
- Keep WordPress Up To Date
The biggest cause of hacked websites is due to the WordPress core, plugins or themes being outdated. Hackers are always looking for ways to install malware and by keeping everything updated, your securing any holes in your websites code.
- Install Wordfence
Wordfence is a security plugin which helps protect your site from hacking and malware using a proactive and reactive approach. Proactively, Wordfence run scans on your website against their database to look for any abnormalities in your code. If it does find a file which looks hacked it lets you know so you can clean it up. Reactively, the built in WAF (web application firewall) protects your site from getting hacked in the first place and you can also monitor live traffic and block IP’s or even countries from accessing your site.
- Change Your Admin URL
Everyone knows wp-admin is how you can view the WordPress admin panel. It amazes me how many websites do not protect their admin. Using the Plugin called Protect Your Admin it gives you an easy way to change the wp-admin url and make the login page private.
- Install an SSL Certificate
You want to protect your websites code but you also want to protect your visitors personal information. By installing an SSL certificate you are making sure that when visitors to your site fill out your contact form or enter their credit card at checkout, their personal information is secure using encryption.
Your WordPress Development Agency should make hardening your website a priority. It takes very little effort to implement the methods mentioned above and in the end it will make sure your clients are happy.