WordPress Security

Below are some of the steps EVERYONE should take to make sure their website is as secure as possible.

Host Provider Security

Your web host provider needs to be constantly analyzing their servers and installing the latest updates to remain safe from the latest security vulnerabilities. Some of the less expensive servers options give you shared server space. While this gives you an affordable option it also makes you more vulnerable as all the other websites hosted on the same servers that need to be analyzed. Dedicated hosting, while more expensive, provides you with a higher level of security and performance since you’re not sharing the same space with other websites.

Top Rated WordPress Host Provider

• SiteGround (My Favorite)

HTTPS

Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. This used to be for only websites that dealt with ecommerce and as an extra layer to protect consumers credit card data. But in today’s world of cyber security everyone should be using (HTTPS) encrypted protocols to secure all communications between your browser and the website. If you’re using WordPress, or another content management system (CMS), then setting up a secure HTTPS login is the absolute minimum precaution you should take.

Malware Scanning & Protection

Malware is a software that is intended to damage or disable computers and computer systems. Having your website regularly scanned for security issues, is something your host provider should constantly be doing. This is even more necessary if your website is on a shared server where another website might have allowed the malware in the backdoor. Sucuri.net is one of the most prominent web security experts today and I highly recommend them.

2 Factor Authentication

In today’s world of increased cyber threats, 2 factor authenthication is an extra layer of security that requires not only a password and username but also something that only, and only, that user has on access too, such as or an unique access code sent via email or text message. While this extra step of security might seem to be more time consuming, it’s can me a necessary step to protect your website and your customers’s valuable data.

WordPress Security Plugins

There are a wide level of WordPress security plugins that will protect you website from potential hackers. Basic free plugins, such as WordFence, provide you with a very good base level protection. If your website captures your customers data then I would highly suggest you go with a Premium level “Paid” security plugin. It all depends upon your need, but in today’s world of constant cyber threats you need to protect your website investment. Here are some popular plugins:

1+ Million Active Installs

• WordFence (Both Standard and Premium versions: My Favorite)
• iThemes Security (Both Standard and Premium versions: My Favorite)