More than 11 years ago the digital online world became richer with the introduction of an easy to use CMS (Content management system) lovingly called WordPress. Today millions of people use this system and millions more have access to a free open source platform that is easy to use and enables a great number of possibilities when it comes to promoting your product, brand, profession, or even that “I Made It to Everest” adventure blog your friends love to read.
Being such a popular choice of CMS, it is the most common target for many hackers. According to wpmayor.com, in 2012 alone over 170 000 blogs and websites were hacked.
Frightening! But don’t think that the people at WordPress are not aware of these security risks - they are, and they are constantly mounting counter offensives. However, when it comes to any open source platform, the security responsibility must be shared meaning that website owners have the responsibility to ensure that their WordPress installation is constantly up to date.
Okay, What Can You Do to Improve the Security of Your Website?
Should you hire a really good security guard to keep a constant eye on your server? Or little minions who can get on the internet to guard your data? Ahhh, no! The following are a few essential security tips.
Use stronger passwords:
It’s been said a thousand times but here it is again: use stronger passwords. Make sure not to use the same password on different accounts: your computer, email, online banking, Twitter, or Facebook account should not have the same password as your WordPress site. Change your passwords every few months.
WordPress is constantly working on improving your experience, but it is up to you to make sure that you get essential updates installed regularly. Talk to us about how we can do this for you (we do provide an update service for all the WordPress websites we build). You should probably know that in November WordPress released an update 4.0.1 which deals with some major security issues, so make sure to update today.
Update only from trusted sources
Make sure to never, ever install core updates from any site other than wordpress.org.The same goes for your plugins and themes.
Many unpleasant experiences have proven that you should always get themes and plugins only from trusted sources. It is possible to also ensure additional site safety by scheduling constant malware scans on your website. We actually throw this in as a freebie on our support contracts (we scan your website 4 times a month - for no extra charge).
Too much effort?
Imagine your website becoming a hacker’s playground: it could take a developer days and lots of nerves to fix everything that could be messed up. However, if you regularly update the version of your WordPress site and do a backup every now and then, loads of these problems can be easily avoided. So definitely yes - get a development company like us to keep updating your site or learn how to do it from an expert.
A Little more on Wordpress Updates:
WordPress updates are divided into two groups: Security and Maintenance, both of which are equally important. Sometimes updates are concerned with both issues, but when it comes to larger security issues, there is usually a separate Security release for dealing with a specific problem.
The same applies for the trusted creators of plugins and themes.
It’s always good to have a few tricks up your sleeve...
Trick 1: Developers use something known as version control. For developers version control is an essential tool, also used to update your WordPress installation quickly. So, if you are really bugged with updating WordPress often, use a good version control system. Git is our version control system of choice, read more about it by clicking here.
Trick 2: Never grant access to your website to people you don’t trust, and assign user level access based on user qualification. Think about user levels and an approval process you should follow on the site. The roles will enable those working on a website to finish their job, but are restrictive enough so they can’t change or have a peek at anything else. Explore WordPress and get to know their user level hierarchy and how best to use this tool to its full capacity.
The importance of security measures are not always taken seriously until it’s too late and the site has already been hacked. The truth is that every website is a potential target and that cyber hacking is now basically a common place. When we develop a website we always ensure that we employ the very latest security measures and constantly update websites of clients who have ongoing service contracts with us.