WordPress Security and Maintenance

By April 29, 2015 Blog No Comments

Like many web designers, we use the WordPress Content Management System to build most of our web sites. In fact, 23% of the web sites on the Internet are using WordPress. Why? Well, there’s a lot of upside to using WordPress.

It’s fast, so we can turn around web sites quickly for our clients.

It’s flexible, so we can easily extend and customise it to meet our client’s requirements.

It’s also open-source, which means it’s free for us to use so we can keep the cost down.

“23% of the web sites on the Internet are using WordPress”

But one of the key pluses to using WordPress is that it’s continually being updated and maintained by a community of developers across the world. It also sees a major release on average 4 times per year, as well as several minor updates and security fixes in between. Needless to say, WordPress is very well supported.

Of course there’s always someone that wants to ruin the party, and due to it’s popularity and the availability of its code source, WordPress web sites can also be a target for hackers. To combat this, we implement a security checklist for each site launch to ensure we’ve done everything (reasonably) possible to minimise the chances of a hack.

However, from time to time security flaws in the WordPress Core and WordPress Plugins occur and can leave your site vulnerable to hacks. Often hackers just crash your site leaving their calling sign, like a teenager scratching their name into the back of a bus seat. This isn’t to be taken lightly though. If a hacker has gained access to deface your web site they most likely have access to your username and passwords, customer databases or any other sensitive information you may have on your web site.

So, what should you do as a web site owner to keep your site secure? Prevention is the best solution. We recommend you to:

  1. Backup your site
  2. Keep the WordPress Core up to date
  3. Keep all 3rd Party WordPress Plugins up to date
  4. Test and troubleshoot your site after updating
  5. Run regular security scans for malicious code
  6. Implement relevant WordPress’ “Hardening WordPress” recommendations
  7. Implement additional security measures to prevent again common attacks (For example, Wordfence or Security Ninja)
  8. Keep strong passwords and update them regularly
  9. Try not to make it obvious that you’re using WordPress
  10. Backup your site and store offline

Being prepared and ensuring your site is as secure as it can be is half the battle and while a web site is never 100% safe from threats, taking the appropriate security measures along with regular backups is a very, very powerful defence.

About Kim Berry

I first starting designing back in the early 00’s creating posters and web sites for my band. Soon afterwards I completed a Diploma of Business Marketing and Bachelor of Communications with Majors in Graphic Design and Interactive Multimedia. After spending 4 years as the Marketing Manager of a local music retailer I started Sixes and Sevens specialising in web site design and development for small to medium sized businesses.