Most businesses these days use WordPress to create their website. While the platform offers a ton of benefits, its standardized nature can also make it a target for hackers looking to access your information. Make sure your site’s privacy is protected by following our TRIO tips!
Keep it updated.
Make sure you regularly update all your WordPress plugins and themes. Not only will they work more seamlessly, but back doors will also be closed to those with nefarious intentions. Because security and maintenance fixes are released monthly from WordPress, plugins follow suit with improvements. You should also follow the Marie Kondo method and regularly clean out those plugins that you don’t use anymore. It also helps to check your site for functionality and broken links an ongoing basis.
Ever heard the phrase, it takes money to make money? While that’s not always the case (thankfully), it does apply to hosting services. If you’re still scraping by on that personal or premium plan, you need to update to a business plan. Not only does it provide better security, but it also gives you faster loading times and automated backups. Think of it as a bit of an insurance plan.
Think like a hacker.
We don’t want to scare you, but with so many corporate security breaches, at least a little bit of your information is probably on the dark web, where hackers regularly buy large batches of usernames and passwords. That’s why it’s imperative to change your username to something more complicated than “admin” and your password a little more obfuscating than “password123.” Try using the WordPress password generator for extra security. However, this doesn’t just apply to WordPress; you should really update all of your information on a regular basis and look into a password keeper.
It’s also wise to add Google ReCaptcha to your admin login form and change the login URL to block spam login attempts since hackers regularly run programs that search the web looking for default WordPress admin URLs like wp-admin. Changing your admin URL and adding Google ReCaptcha adds extra layers that block the bots and keep you safe.
Back up your files.
Having off-site files can be an annoying extra step, but it’s worth it to have that extra layer of safety. If your custom theme or posts gets deleted, it’s much easier to restore them if you have backup files. Between Google Drive and Dropbox, there are some great free options that won’t clog up your hard drive (but you should probably back that up, too!).
Use a firewall.
Firewalls are an absolutely necessary part of WordPress. The name explains it all: firewalls block hacking attempts and alert you if there are any security suspicions. Firewalls are there for your protection. In this vein, you should also ensure that you have an SSL plugin to further enhance security (check out this great guide from WPBeginner on more tips for going from http: to https:). Pro tip: There are awesome free options like Wordfence that provide a budget-friendly shield.
When you use TRIO’s web and digital services, we put all this in place (and then some). Give us a call or email today to discuss how we can help your digital footprint take a step in the right direction!
Thanks, Nonprofit Tech for Good, for the helpful information, and for all of your amazing content.