With more bots and hackers trolling the internet than ever before, don’t leave the website you have worked hard for open to vulnerabilities. Follow the 9 tips below to keep your website secure in 2023.
1. Regularly Refresh Passwords
This simple tip can save you MASSIVE headaches. One of the easiest ways for a bot or hacker to take over your website is by attempting to log in with common passwords. Often times people do not take their WordPress passwords seriously until it is too late.
If you have to share a password, do so in person or verbally. Avoid sharing passwords over text, email, or other messengers. If you absolutely have to send a password online, you can do so with an encrypted tool like One Time Secret.
Update your passwords every few months or more often if you are regularly sharing them with other people.
2. When was the last time you updated your WordPress admin password?
If your website is built on WordPress, make sure your admin login password is regularly refreshed and contains a strong amount of characters. If you have other users registered on your account make sure they have the proper permissions. Only grant admin access where it is absolutely necessary.
This brings me to my next point…
3. And what about the password to your domain registrar account?
Remember when you bought the rights to your domain name? Maybe you used Godaddy, NameCheap, or Google Domains. Often, a point of weakness for hackers is the account where the website domain name was registered. If a hacker is able to enter your domain registrar account, they can change your name servers, pointing your website to a different database.
To protect your account, regularly update your password and turn on two-factor authentication if possible.
4. Keep plugins updated, delete inactive plugins, and beware of free plugins
One of the best ways to ensure your WordPress website remains secure is to keep all plugins up to date. When plugins are outdated, old code can allow vulnerabilities for hackers to find a way into the site. If you have a plugin you are not using, make sure to delete it from the website. Even inactive plugins can make your site susceptible to vulnerabilities when they are out of date.
There are plenty of wonderful free plugins, we only warn you to beware of free plugins because they tend to not be updated as frequently as purchased plugins.
5. Watch out for vulnerabilities
Your hosting account should provide traffic reports where you can see human traffic, bots, suspicious activity, and blocked login attempts. SiteGround regularly sends traffic reports for all websites so we can stay up to date on suspicious activity and monitor potentially harmful login attempts.
6. Create backups of your site (3 copies)
The absolute best practice is to have three copies of the most recent version of your website at all times. Keep a file of your website backed up on:
- Another party (like UpdraftPlus)
- Your hosting account
- Externally (Google Drive, Dropbox, or your own hard drive)
7. Use 2-factor authentication as often as possible
Practicing proper password hygiene is a great way to ensure better security and 2-factor authentication makes it even more difficult for hackers or bots to attack your website or accounts. If you don’t already have 2-factor authentication turned on, check under your account settings to activate where possible.
8. Keep themes updated
Along with plugins, you want to make sure your theme remains updated. Theme code is constantly updated to remove bugs and improve functionality. Delete any inactive themes on your site as they can pose insecurities just like old, inactive plugins.
9. Managed hosting, maintenance, and security
All of this can feel overwhelming and a lot to manage on your own. Keeping plugins and themes updated while monitoring suspicious traffic can be tedious and confusing. These crucial activities left unchecked can lead to losing a site and/or important data.
What if there was a magical team keeping your website safe behind the screen, so you can spend your time where it matters – changing your clients’ lives and making more money? Contact us today for a simple solution to your website safety.
Our monthly managed hosting, maintenance, and security include:
✓ Uptime and Security Monitoring
✓ Monthly Plugin Updates
✓ Monthly Theme Updates
✓ 30 Minutes of Content Updates per Month
✓ 30 Minutes of Live Support Time