How to Improve the security of your WordPress blog

WordPress website security

Imagine that, after creating your blog, writing a lot of articles, and spending many hours of work, one day you come and find that all that work is lost.

Your blog has been hacked, you have a virus, or who knows what happened.

The point is that you have a poker face and you start to think about what you could have done to avoid it.

Today I am going to show you the 5 basic pillars for greater security in WordPress.

The bad guys are out there

Recently, one of the biggest attacks on WordPress blogs has been unleashed, with a beastly speed of spread.

You may have noticed it on your blog.

Anyway, it's something more common than you might think.

There are a lot of hacker groups that coordinate to prepare and launch these types of attacks, and they don't stop thinking about how to exploit WordPress vulnerabilities.

Your best bet is to make it difficult. The more it's, the better.

Better safe than it's too bad...

One of these attacks can do a lot of damage to your blog. It can scratch you, seriously injure you, and even cause "death"...

Can you imagine what a bummer?

Well, you can avoid it, and it's not very complicated, REALLY.

Come on, let's see the 5 basic pillars on which you have to build your security shield.

Disclosure: Please note that this article includes some affiliate links at no additional cost to you. Those affiliate links may provide me a small commission. However, Know that I recommend only products and services that I use and endorse for myself. If you are using one of my affiliate links, the company compensates me. And helps me to run this blog and keep all of my content for readers free.

# 1 - First, a Quality Hosting

Some hosting providers, usually the cheapest ones, tend to have serious security problems.

What is the reason?

Well, being so cheap, they welcome anyone, and also the bad guys usually go for this type of hosting.

Another reason is that these types of providers do not invest much in security, since being so cheap this type of investment would eat up the benefit.

It's like being in the worst neighborhood you know at the darkest hour of the night ...

From here we recommend Bluehost, since in addition to providing technical support 24 hours a day, Bluehost offers its customers a free SSL certification service, and they have special anti-hacking rules for WordPress.

# 2 - Keep your System Updated

There are 3 components that you should always keep up to date:

  • The "core" or WordPress version of your blog.
  • Your theme or template. Do not install the first free theme that you find in an alley at 3 in the morning.
  • The plugins. Don't install unknown plugins with few downloads.

You have to keep them updated yes or yes. And beware of promiscuity in WordPress, it can cost you a lot.

Attacks are often based on vulnerabilities that hackers find in your system, and developers quickly fix them with updates.

That's why you have to pay special attention and as soon as you see that there is an update available, make it.

Of course, I recommend that you use a good template, and if you can afford it to be Premium better because you will have good technical support and regular updates.

Don't use pirated templates or plugins, I know the temptation is strong. Be careful with that, because they may contain malicious code or extra vulnerabilities.

# 3 - Secure Login

Having a weak username and password on your blog is like leaving the keys to your house outside.

Don't use a common username, like admin, administrator, user, your name, or whatever can be easily predictable.

Regarding the password, try to respect the following rules:

  • The length of passwords must not be less than eight characters. Longer length means greater security.
  • Passwords must be made up of a mixture of alphabetic characters (where uppercase and lowercase are combined), digits, and even special characters (@, $, +, &).
  • They should be changed regularly.

If it seems complicated to you, don't worry, you can generate secure passwords automatically with this online application.

# 4 - Backup Copies, the Lifeguard in Case of Disaster

You should make regular backups, at least once a week.

If you can automate them much better because you may forget it and you already know what Murphy's law says ...

Having a recent backup of your blog is essential. In case of disaster, you can recover all or most of the information in a few clicks.

Here are some plugins that can help you with this task:

  • BackUpWordPress, which allows you to send the backup copies to an email that you previously indicate.
  • BackupBuddy, which allows you to send backups via email, FTP, or to other services such as Dropbox or Amazon S3. It's a premium plugin.

# 5 - Put a ''Security Guards' in your Blog

In addition to all this, there are a series of elements that you must take into account to finish making your blog secure.

We could make a checklist with the appropriate measurements and review them each time, but there are already plugins that do it for you.

I call them the WordPress 'security guards' and the ones I like the most are:

Both have a free version and a Premium version. Choose the one that works best for you considering the sensitivity of your data, although for most cases the free versions are sufficient.

How to check the health of my blog?

Now you may be wondering whether or not your blog will be infected, or if it has a security issue.

The first thing you have to do first of all is to make your blog hack-proof, but if you haven't done it yet, you can go to the blogging doctor.

If you want to know if the health of your blog is OK, I recommend that you run it through a scanner.

For me, the most comfortable and the easiest is Sucuri SiteCheck, which will check your blog for known malware, errors, or if you are blacklisted, etc.

And if it's positive, I recommend you hire the service and go in a deep clean, change passwords, and consider switching to a different host.

I hope these 5 pillars of security help you make your blog an impregnable fortress, and of course, I look forward to your recommendations in the comment below.

Feel free to drop me a line or ask any questions in the comments below!