December 20, 2018
|
WordPress is the most popular content management system, but popularity comes with a price. With 30 percent of all websites built on WordPress, hackers have had a lot of practice finding and exploiting the software’s weak points. The average website is attacked 44 times per day(!) and open source platforms like WordPress are especially at risk. Even with its vulnerabilities, WordPress is often the best choice for small businesses because of its ease of use and compatibility with a large variety of plugins. It’s critical, however, to take the following precautions to secure your site.
Use strong, unique passwordsIt’s important to remember that no business is too small to hack. Weak, reused passwords are often the weak link exploited by cyber criminals. A strong password, according to current password guidelines, is a long, memorable passphrase (15 characters minimum) that only a psychic could crack. We know it’s tempting, but don’t use the same password, no matter how strong, for multiple accounts. Create a unique passphrase for each and store them in a reputable password manager so you don’t have to worry about remembering them all. Also make sure that you secure your WordPress admin area with a password and two-factor authentication (when logging in requires entering a code sent either through email or text message).
Choose a secure web hosting providerYour WordPress site is hosted on a web server or web hosting provider. Not all web hosting providers are created equal so it’s important to ensure yours meets the necessary security standards for your needs. For most small businesses, managed WordPress hosting is the right choice for both security and optimal site performance. This type of hosting manages everything for you, from WordPress updates and daily backups to speed and scalability. If you’d like to save money and manage updates yourself, you can select an unmanaged web hosting provider. This type of provider, however, will only keep your website secure if you download the recommended updates in a timely manner.
Update regularlyAs we were saying … regular updates are crucial for website security. Your WordPress host and operating system will recommend updates whenever a new security patch has been released or when new features become available to improve your site’s performance. The security patches are necessary to protect you from vulnerabilities in the platform. When you download the patches they work to prevent attacks like the WannaCry ransomware that spread across 150 countries and over 300,000 computers because individuals and companies had neglected to update their operating systems.
Know your pluginsAccording to Jessica Ortega, security analyst at SiteLock, “A single unpatched vulnerability could leave every page on your site open to attack.” That’s right. It’s not enough to simply update your WordPress host and operating system, you need to ensure all your WordPress plugins are also up to date. This is why we recommend limiting the number of plugins you connect to your site. Of course, you can’t avoid plugins entirely and there are plenty out there that you can trust. Before you click that download link, however, double check that it won’t compromise your site’s security.
As a small business it’s easy to become complacent when it comes to website security. You may assume you’re simply too small to hack but every business has valuable data worth stealing. Securing your WordPress website will help ensure that your customers’ data is protected and will also protect your business from identity theft. If you have further questions or concerns about the security of your website, contact us for a free IT consultation.
Related Posts:
Should Your Website Use HTTP or HTTPS? 5 Virus Protection Tips Beyond Security Software How to Secure Your Social Media Accounts
Want IT to serve you better?
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––– About Pagoda Technologies IT services Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation. |
Return to Pagoda Blog Main Page |