There are several important steps you can take today to lock down WordPress.
Four Ways to Lock Down WordPress
1. Keep Your WordPress Site Updated
One of the biggest WordPress security vulnerabilities is running old versions of WordPress core, plugins and themes. WordPress core is updated frequently to patch security holes, fix bugs and add new features. But those updates don’t do you any good if you’re not keeping your WordPress installation up to date. In addition to WordPress core, keep your themes and plugins up to date—they can have security issues as well.
To make the process of keeping your WordPress sites updated, use iThemes Sync.
2. Enforce Strong WordPress Passwords & Password Expiration
Does every user on your WordPress site have a unique, long, 50+ character password only used on one site? Chances are, probably not. Your own strong password is useless if another admin has a weak one. WordPress password security is one of the most important ways you can lock down your WordPress site.
3. Limit Administrator Access
Think of it this way: the more users with administrator access to your site, the more chances your site could get hacked. Make sure you only grant admin access to the people who truly need it. Also, make sure
those few admins follow good WordPress security practices. Don’t forget to remove users when you have staff transitions.
4. Have a Solid WordPress Backup Strategy
If something goes wrong with your WordPress site, you want to be able to get it back up and running quickly. That means you need a solid backup plan. In order for a backup to work, it needs to be complete and automatic.
Backing up your WordPress database isn’t enough (That will save your content, but you’ll still have to rebuild your entire site, including theme tweaks and plugin settings.) And if your backup isn’t automatic, you’ll forget about it, so make sure your backup tool has scheduled, automatic backups.
Get a powerful backup tool, such as BackupBuddy, to keep your site safely backed up and ready to be restored.
Lock Down WordPress with iThemes Security
The iThemes Security Pro plugin offers over 30+ more ways to lock down your WordPress site, including:
- WordPress Two Factor Authentication
- WordPress Malware Scanning
- WordPress Password Security
- WordPress Brute Force Protection