How to keep your WordPress website secure
Your website security is an ongoing issue
WordPress is the most widely used software for creating a website in the world. The platform offers endless possibilities and it is constantly being improved and developed.
The downside is that 90% of all website attacks involve WordPress. WordPress is not unsafe, but because of its widespread usage, WordPress is a grateful target for hackers. Anyone running a website today has to take security measures.
WordPress security
There is no 100% security for any website. It’s about constantly optimizing security while implementing a good backup strategy. When it comes to security, it is about critically questioning one’s own behavior and to use available options for protection.
- Do not use an account with the name «Admin»
- Use secure one-time passwords (use WordPress suggestions)
- SSL certification for the website encrypts the connection between the website and the user
- Switch off unnecessary services in the website
- Use security plug-in (defense against brute force attacks, connection to security standards, configuring htaccess files, etc.)
- Change standard login pages (plug-in)
- Regular malware checks
- optional: two-factor authentication
- optional: external backups (ie not with the hoster)
Kursiv offers optimized security settings as part of a service package for WordPress websites.