February 2014 Featured Blogger: Lisa Rodriguez of Next Level Consulting
3 Tips for Maintaining a Secure WordPress Website, by Lisa Rodriguez
If you are managing an online business or blog, chances are you are running it on WordPress. WordPress has evolved into the CMS of choice, when it comes to setting up a simple blog – or a full blown e-commerce website. All things are possible with WordPress and the appeal is you don’t have to have to master skills like HTML or CSS coding in order to have a professional and engaging website.
Having said that, there are some easy steps you can take in order to assure your content and site are secure. Here are my “Top 3”:
1. Always Use the Latest Version of WordPress It sounds easy right? But so many bloggers don’t do something as simple as updating to the latest version of WordPress. They tell themselves it isn’t important, or they will do it later. Guess what – the whole reason a new version has been released is because the developers found issues with the old version. Plus, if you don’t update to the latest version, you run the risk of your site being hacked, and your site may not be compatible with some of the new themes and plug-ins that seem to come available almost hourly. The good news is the latest version of WordPress released now has an auto-update feature.
2. Create a strong password Again, something that sounds easy enough to do – but I can’t tell you how many clients I have had who use the actual word “password” for their site password. Understand that there are many “not so nice” people online who write and use scripts to actually guess the password for your site. So don’t make it easy for them by using a simple password. There are some cool tools out there to help you with this process. Try PasswordsGenerator.net – it will help you to create as complicated a password as you want in just a few clicks. I have created a simple Word document where I list all of my different websites and the password for each. Notice I said “password for each”. Please don’t use the same password for every website you are a member of. While it makes it easy for you to remember, it also basically hands a thief the keys to the kingdom, when they guess it.
3. Back Your Site Up Regularly Okay – so you didn’t follow step 1 and step 2 and now your website has been hacked. Do you panic? Not if you have been completing regular back-ups. I back my entire site up weekly. In the event of a server crash, or any attempt to hack my website, I can always revert to a clean set of files. And you should store your files virtually. What is the point of having your entire website’s database on your computer? Sounds okay, until your site gets hacked and you are on vacation and can’t access those files until you get back. There are some great resources that make this process painless. I use a free plug-in called “WordPress Back-up to DropBox”. If you haven’t heard of DropBox, it’s a site where you can create folders and upload files “virtually”. Because it is cloud-based, you can access your files from anywhere in the world there is an internet connection. And its free!
Once you install the plug-in, it will allow you schedule a back-up of your website and you can even exclude specific files and directories if you want.So that’s it – three easy steps that will save you a lot of time and aggravation down the road when it comes to maintaining your blog or website. Make the time to complete each step today. You’ll be glad you did.