Simon Dalley
Simon Dalley

Table of Contents

How Do I Secure My WordPress Website?

If you’ve got a WordPress website you’re in good company because around 75% of the world’s websites run on WordPress. This does also mean there are a lot of people out there who are looking at how to get into WordPress websites. It also means you’re going to want to work out how best to deal with cyber threats from your WordPress website, whether they be hacking, malware or simple data breaches.

The damage caused by cyber threats can result in your website going down. If you’re an eCommerce business this can have a direct impact on your revenue and even if you’re not an eCommerce business, the longer your website is down the more likely it is you will receive fewer enquiries. And even worse than your website being down for a while, you might find that you’ve had a data breach, which could bring your business due to reputational damage, due to heavy fines, data loss, or even imprisonment.

Put simply, if you’ve not done anything to ensure your website is safe and secure, it’s a bit like pulling your door shut when you go on holiday and hoping no one checks to see if it’s locked or not.

Spending a small amount of time ensuring your WordPress website is secure is all you need to do, by doing this you’ll safeguard your customers, your business and even yourself personally.

Here are some steps you can take to secure your WordPress website:

  • Use a robust and unique password for your WordPress login and keep it confidential. At GrowTraffic I have a strict rule that the GrowFos must generate every password and they mustn’t change a password to one that’s easy for them to remember. There are loads of strong password generators out there to choose from.
  • Use two-factor authentification to add an extra layer of security to your login. OK most of us hate using two-factor authentification but you’re going to need to put something like this in place if you’re going to make sure your site is super safe. It’s a small price to pay.
  • Keep your WordPress software and all installed plugins up to date. If you’ve ever turned off the auto-enable update functions on WordPress for fear that your site might go wonky I really do feel you, I wince at it, but I’d rather think that within 24/48 after an update has gone out I’m getting the most up to date version of the software running on my sites. I just make sure I’ve backed them up and have them let me know if there’s a problem, which rarely happens these days.
  • Only install plugins from reputable sources. When I first got into WordPress around 15 years ago I used to install as many different random plugins as I could. I think it was only recently that I uninstalled some of the very oldest plugins. But after a while plugins stop being supported – often because the dev has gone out of business or moved on – so it’s important to make sure the plugin supplier is one of the credible ones. To be a credible dev you’ll want them to have a big track record of delivering software for years – and not just some kid in a back bedroom who has a great idea.
  • Use a security plugin to scan your website for malware and vulnerabilities. Most of the websites I put out these days are on Siteground and we use the SG Security plugin. I used to use Wordfence on all websites. These will scan your website and alert you to any issues and isolate any malware they might find until you’ve had a chance to look at it.
  • Regularly back up your website to prevent data loss in case of a security breach. This is probably one of the best pieces of advice. Backup your websites regularly. We backup our websites every day and save a copy for 30 days. That means if something happens on the weekend you can go back a few days and correct the issue. It also means that if you only just notice something and it’s been there for a week or two you’ve got plenty of backup points to refer back to. And it’s best to backup at a hosting level and not from a WordPress plugin if possible.
  • Use a firewall to protect your website from malicious traffic. Firewalls can be both plugin and server side. It’s likely your web host will provide some level of security and it tends to be fairly effective, however, adding a plugin can’t hurt when it comes to ensuring there is a good level of protection.
  • Use a secure (HTTPS) connection to encrypt data transmitted between your website and users’ browsers. There are various levels of SSL certificate you can get, but for most applications, they don’t have to cost the earth plus they give you a small SEO benefit too.
  • Limit login attempts to prevent brute-force attacks. One of the key ways people and bots try to get into your website is via a login brute force attack and this just means that they will try a load of passwords until they find one that works for them. As I mentioned above you’ve got to use a pretty secure password to make sure your site isn’t vulnerable to this, two-step authentication is better and limiting login attempts is better still because the person or bot will only have so many chances to get it right.
  • Consider using a content delivery network (CDN) to serve static files, as it can help mitigate the effects of a distributed denial of service (DDoS) attack. I’ve had a DDoS attack on GrowTraffic before and this was when everything was just located in one place. It was rubbish and there wasn’t a lot I could do at the time to stop it from happening. A CDN such as Cloudflare is a great way to help get around this as it separates out your website from the hosting provider.

If you’re struggling with getting the security of your WordPress website sorted we can help. Get in touch today and we’ll try to help you get it sorted.

Related posts:

  1. How Do You Fix The WordPress White Screen Of Death?
  2. Our Unbiased Review of OptimisePress for WordPress
  3. How Do You Fix A WordPress Website That Can’t Establish A Database Connection?
  4. How Do You Debug A WordPress Website?
Home » Search Engines » SEO » SEO » How Do I Secure My WordPress Website?

Share this post

Categories
Tags
Ad Marketing Ads backlinks basic seo blog Blog Content blogging blogs brand marketing content content marketing content marketing agency copywriter copywriting coronavirus digital marketing Facebook freelance seo freelance seo consultant freelance seo copywriter Google google ads growtraffic internet marketing keywords link building marketing online marketing PPC search engine optimisation Search Engines search marketing SEO seo agency seo consultancy seo consultant seo content marketing seo copywriter seo copywriting SEO Marketing social media social media marketing sponsored google ads Thoughts Web Design

Get In Touch

Let us grow traffic to your website! Get in touch today and start getting more business online.
Contact Us
Categories
Tags
Ad Marketing Ads backlinks basic seo blog Blog Content blogging blogs brand marketing content content marketing content marketing agency copywriter copywriting coronavirus digital marketing Facebook freelance seo freelance seo consultant freelance seo copywriter Google google ads growtraffic internet marketing keywords link building marketing online marketing PPC search engine optimisation Search Engines search marketing SEO seo agency seo consultancy seo consultant seo content marketing seo copywriter seo copywriting SEO Marketing social media social media marketing sponsored google ads Thoughts Web Design

Get In Touch

Let us grow traffic to your website! Get in touch today and start getting more business online.
Contact Us

Ready to grow?

Don't leave it to chance. Get in touch with us.

Recent posts from the blog

Our awards

SEO Agency Of The Year Prestige Award logo
rra19finalistbannerdigital (002)
Best Digital Marketing Agency 2021 North England __ (002)
Expert SEO Advice GrowTraffic founder, Simon Dalley is one of the UK's leading SEO consultants. As an organic traffic growth specialist, he has devised and implemented strategies that have catapulted a number of businesses to unrivalled levels of success. SEO Consultant Services My name is Simon Dalley. I am a director and SEO consultant at GrowTraffic. If your website does not rank highly then it’s not reaching potential customers. And that's why I set up GrowTraffic, working originally as a freelance SEO consultant, to help businesses achieve growth and success through search engines such as Google. In today’s market, even small to medium business owners can’t afford to rest on their laurels; your website needs to work hard and it needs to compete with the best for maximum visibility. If you’re unsure as to how to get your website to rank higher, then you need a Search Engine Optimisation consultant to show you where you’re going wrong and to give you helpful, constructive advice on how to remedy this. So, if you can’t make head nor tail of the all the advice out there on the net, you probably need the help of an SEO Consultant like me! Here at GrowTraffic, search engine optimisation is what we do and, with my experiences as a SEO specialist and search orientated copywriter, we pride ourselves on being exceptionally good at the SEO service we provide. Learn more about our SEO consultancy services. Drop us a line What Does An SEO Consultant Do? SEO consultant services mean different things to different people. Here at GrowTraffic it is all about providing you with the best knowledge, experience and service to grow your business. As search engine optimisation specialist, I will carry out a full audit of your current website to see where it is under-performing. I'll review your existing keyword performance and backlink portfolio to determine if certain search marketing tactics could help it achieve a better ranking position. Once your site has been analysed, you'll receive some suggestions on how to improve it or what you could do differently. I look at this from the perspective of a technical SEO consultant, as well as considering your ongoing SEO content and offsite requirements. Once the audit and SEO strategy consulting phase has been completed, you can either undertake the work yourself, or hire GrowTraffic to do it for you! Getting a consultant in to take on this side of your web marketing is a big thing, so why not call now on 0161 706 0012 or 07411 420740 and we can discuss it in more detail.
Business Awards - Finalist
Business Elite Awards 2020
NW SME Growth and Innovation Awards
R-Awards 2018 Logo - Full Out Version - Winner

Our Lancashire & Yorkshire Locations

The Goffice, Worksop Road, South Anston, Sheffield, South Yorkshire, S25 5ET
  • The Goffice,
    Worksop Road,
    South Anston,
    Sheffield,
    South Yorkshire,
    S25 5ET
Broadclough Farm, Burnley Road, Bacup, Rossendale, East Lancashire, OL13 8PS

Key Pages

Important info

Important Articles

Get in touch

Sign Up To Our Newsletter

Monthly SEO news, tips, and general frivolity. 

Est. 2009

Brought To You By GrowTraffic Limited (Registered Company No: 10780575, VAT No: 292247001),

Broadclough Farm, Burnley Road, Broadclough, Bacup, Rossendale, East Lancashire, OL13 8PS, UK

A Global Hyper Mega Net Affiliated Company

Global Hyper Mega Net White on Black Logo