Even if you have taken steps to ensure that your WordPress site is safe, chances are that your site has a few flaws that you might have overlooked. You might have installed a few plugins to help with site security, and you might think that you are aware of what is going on when it comes to the security of your website. However, your security is seriously important – so much so that it warrants a second (and a third) look. That is why these tips are important to consider.
Tip #1 – Pick the Best Hosting You Can Afford
Right off the bat I am going to tell you something that is going to trump most of the other things that you read here – get the best possible hosting that you can afford. A security vulnerability on the host itself lead to more than 40 percent of all WordPress site hacks. That is dangerously close to around half the hacks, which should suggest that you do something about your hosting plan as well if you are serious about your WordPress security.
Make sure your plan includes account isolation if you do go for shared hosting. That means that no one other site on the server is going to affect yours. A good managed hosting provider that focuses on WordPress is also going to have a customer service team that knows WordPress, a server designed for running WordPress, regular malware scanning, up-to-date PHP and MySQL, and a WP firewall.
Tip #2 – Hide Author Usernames
If you do not change the WordPress defaults, chances are that people are going to find your author’s username rather easily. Because you are usually both the primary author and the administrator, it means that finding the admin username is easy – which is not good. You do not want to make a hacker’s job easier by offering your author’s username.
Tip #3 – Do Not Download Premium Plugins For Free
We have all worked on a budget before, I personally know how difficult it can be to scrap together money to buy a premium version of the latest editor – we have all been there. However, it is often a bad idea to download premium plugins anywhere other than from the direct point of sale. That is because there is often malicious code in these illegal versions of premium plugins. It does not mean that all different downloads have these, it simply means that the risk is great enough not to want to mess around with illegal downloads and torrents.
Tip #4 – Cut Back on Your Plugin Use
If you are not actively using themes and plugins, you should absolutely remove them. It is worth mentioning that you should limit your total plugins, primarily because it is going to make sure that your website is much safer. This is not just about security (although it certainly matters); it is about the performance and speed of your website as well. You can slow down your website dramatically by having too many plugins. If your website can survive without a particular plugin (and it most likely can), just remove it.