Website security is a very important and MUST DO STEP in every WordPress installment. A hacker can infiltrate your site if you are not careful – and wreak havoc on your servers, your hosting account, and your user database.
If you have a wordpress website these days, you definitely need to secure the thing. There are plenty of Hackers out there that “focus” on WordPress installs, because the platform is so popular, and open source. So you need to stay one step ahead of these idiots, and make sure your site is secure. Most people have the misconception that the “Hosting” Company will do this. Well that is NOT always true. Some of the hosting companies offer security, but a lot of the Cheaper Shared Hosting OPtions really don’t. So if you someone hacks your site there really isn’t much you can do about it.
Now there are services out there that will “harden” your WordPress install – and keep it very sercure. Services like Sitelock.com are very reputible – but these costs can run anywhere between $175 or higher (on an annual basis) so it can get costly fast. Their basic $12.95 annual license, DOES NOT HARDEN your site, so make sure you don’t get tricked into that as well. Because I have seen that happens as well.
There are also cheaper services out there, but most of the time, these services are SCAMS. For example, I personally, got screwed over on 10 sites from a company called www.wewatchyourwebsite.com. The guy was a joke, and then made up stories for why he had bad service. He also published my backend files somehow on one site, and then didn’t own up to it. STAY AWAY FROM THIS SERVICE and others like it. If it sounds too good to be true. It probably is. He did refund my money, but it was a huge time waster, along with Horrible service.
1. Change password frequently (once a month) and use a complex password (alphanumeric with symbols, caps)
2. Secure Your Media Files – THis can be done by dropping a blank HTML file titled index.html, in to each folder.
3. UPDATE OTHER PLUGINS – Don’t be using out of date plug ins. Tim Thumb (a very popular image plugin) was hacked hard a few years back and a lot of sites got infected because owners didn’t update the plugin, when the authors notified them. So make sure ALL 3RD PARTY PLUGINS ARE UP TO DATE.
4. Back up your files – you should always back up your files, just in case. A hacker can KILL your entire site, so having a back up copy is necessary.
5. Talk with your host – see what type of protection they are offering. Also, ask them what other services they may provide.
6. Hire the RIGHT PEOPLE – Our partners over at “WP ENGINE” will DO EVERYTHING FOR YOU. They cost a little more, but they are definitely worth it and trusted by many of the wordrpess leaders out there – including WOO THEMES. So they can definitely help you out. Check them out here www.wpengine.com