How to keep your WordPress site safe? 11 security tips

জীবনের আলো February 17, 2021


Numerous hacking attempts come to any type of site every day. The WordPress platform itself is very secure. Nevertheless, you need to do some extra work on your own for the security of your site. If a site built at a cost of thousands of rupees is hacked, then there can be nothing sad about it. In this post, I will share 11 tips to secure your WordPress site. Let's get started

1. Install the security plugin

First, install a security plugin. This will ensure all kinds of basic security of your site. My favorite security plugin is iTheme Security. There are both free and premium versions. I use free.

2. Keep your computer virus-free

To keep the site safe, you must first keep your computer safe. If a virus attacks your computer, it can easily spread to your site. First of all, install good antivirus software to keep your computer safe. Also need to check for regular viruses and malware. Properly set up your computer's firewall, it provides a lot of protection from online viruses and malware.

3. Use a good hosting company

Whether your site is functioning properly depends a lot on the hosting company. If the hosting company is good, you can be sure of many things like a regular backup of the site, good speed, security, etc. So you have to buy hosting for a site from a good company. Take a little research without buying from the place where you are offering the lowest price. Remember "the better the thing, the higher the price": p.

ExonHost is my favorite hosting provider among Bangladeshi companies. In the video below, I have shown you how to build a site by buying domain hosting from ExonHost. If you want you can see দেখে

And if you want to buy a domain hosting from any international marketplace, I would definitely suggest NameCheap. Many of my sites host them here. Alhamdulillah, I have not had any major problems so far. Moreover, their customer support is also very good.



Click here to buy a domain hosting from ExonHost (Affiliate Link)

Click here to buy a domain hosting from NameCheap (Affiliate Link)

4. Use good themes and plugins

The most common mistake that beginners make is installing themes and plugins without judging. There are many plugins that can crash your entire site if installed. If the theme is not good, the speed of your site will be bad, it will not load properly, anyone can easily take hacking attempts. So before installing themes, plugins, etc., you need to see if they are good, how they are reputed, how the user reviews, etc. Install a theme/plugin only after judging everything.

Themes/plugins cannot be downloaded from an unknown source. Also, it's best not to use themes/plugins that haven't received an update in at least a year.

5. Keep everything up to date

Always keep your WordPress version, plugin, theme etc up to date. Because each update eliminates many problems, leaks, security holes, etc. of its previous version. It is best if you select the automatic update setting in WordPress. This will automatically install all major updates.

6. Use the strong login information

The stronger your login information, the harder it will be to hack your site. So login information needs to be strong. Strong information means information that a hacker can easily guess. Make your site's WordPress login password as difficult as possible. Spell a password of at least 8 to 12 characters with normal English letters, a combination of lowercase and uppercase letters, numbers, symbols, etc., such as KawSar4561 @ # 8 !. Also, leave the username by default admin and leave something else that you will know.

7.  Two-factor Authentication

This is a great feature that many security plugins offer. This feature multiplies the security of your site. What it does is, no one can access your site with just login information. He has to go through an extra step like mobile code verification. This prevents most hacking attempts.

iTheme Security offers this feature, but only to premium users. That means you have to buy their premium version to use it. There are also other plugins that offer this feature, e.g.

8. Hide login page

All of us who use WordPress knows that the default login URL is www.domain.com/wp-admin. Hackers can easily take hacking attempts. If you want, you can change the URL of the login page with the help of an extra plugin and give something else of your choice. The hacker will not be able to find the login page. Cerber Security & Antispam, WP Hide & Security Enhancer plugins can do this.

9. Install SSL

Installing SSL will keep all sensitive information on your site secure. SSL is a must, especially for e-commerce type websites. Even now Google has SSL as one of their ranking factors.

10. Regular backups

Of course, your site needs regular backups. One of the problems with WordPress is that even a small plugin can cause your entire site to crash. So if you keep a regular site backup, you can use the backup for any need. Good hosting companies automatically back up your site to them. However, I would recommend using a backup plugin that will keep regular backups of your site in a remote storage (Google Drive, Dropbox, etc). I use Updraft Plus in this case. It's absolutely free.

11. Never use nulled themes

Nulled themes / plugins are themes/plugins that are premium, but you can download them illegally and use them for free on your site. In most cases, such nulled themes / plugins contain viruses, malware, etc., which can instantly destroy the security of your site. So this kind of thing can not be used at all. Although not very tempting.

Tags:

Post a Comment

0 Comments