Show your WordPress site
some love this Valentine’s Day

VES1.jpeg

Valentine’s Day is just around the corner, and many of us are busy thinking of just the right romantic gesture for that special someone. If you’re a small business owner with a WordPress site however, you might want to spend a little time this week showing your site some love too! WordPress hacks are sadly all too common, but here are a few simple steps you can take to reduce the risk of having your site hacked.

1. Dedication is Important

If you’re still getting started on setting up your WordPress site, choose a hosting solution that specializes in hosting these sites. Specialized WordPress hosts are more likely to explicitly support their security needs. An example of this would be WP Engine, which even promises to fix your site for free if it gets hacked!

2. Strong is Sexy

Use a strong, secure password for your WordPress account. The most secure way of doing this is to generate random passwords with mixed case, numbers, and punctuation, using a password generator like Norton’s Identity Safe. It's a good idea to change your default login as well, to something that would be difficult to guess.

3. Put a Ring on It

Make sure you don't use the same password everywhere–this exposes you to the risk that if one account is compromised, all your accounts can easily be hacked! It can certainly be hard to remember many different passwords, but one way to avoid dealing with that is to use a password manager. This is basically a "key-ring" app that holds all your many passwords, secured by just one strong password that you need to remember. Good examples of password managers are LastPass and Dashlane.

4. Don’t Be Tempted by Strange Networks

Reading the news in a coffee shop using free Wi-Fi may be fine, but never log into any of your secured accounts, including your WordPress site, while using an unsecured, public Wi-Fi connection. You can also help keep your home network secure by making sure that you’ve changed the default password on your router or other wireless access device.

5. Create a Supportive Environment

If you don't have anti-virus software on all the devices you use to log into your site, now is the time to get it! McAfee Total Protection allows you to protect your PC, Mac, tablets, and phones with one subscription.

6. Sharing is NOT Caring

You might need to give employees or contractors access to your site, but you should not give anyone working for you your account login info. Instead, you’ll want them to have a separate user account and grant them limited access to your site. WordPress has six defined roles for users: Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Don’t give anyone a more privileged role than the minimum they need to do their job, and be sure to remove their access once they are no longer working for you.

7. Move the Relationship Forward

Check that your WordPress software and plugins are all updated to the most recent version. Staying with an older version of WordPress leaves your site vulnerable to hacking, as security flaws are frequently found and fixed through periodic updates. The next time you log into your site, check for a message at the top of most of your pages prompting you to update to a newer version. If you don’t see this message on any pages you can relax–you’re already up to date! To get your plugins up to date, go to the ‘Update’ link on the left-side of your WordPress dashboard. If any updates are available, a number should appear next to the link indicating how many updates you need to make. Click through the link, select the necessary plugins, and click ‘Update Plugins’. If you aren’t confident about safely making these updates to your website, get in touch with your website provider and ask them to do the updates for you.