SECURE YOUR SITE – Tips for protecting your WordPress site

Having a WordPress website is fantastic for acquiring new customers and portraying a digital version of your business. Some believe the website development process ends once the site is live. When in fact, that is only the beginning. At Fuel, we specialise in the maintenance and security of your WordPress website.
We have compiled a small list of action points that can help you to improve your security and inevitably reduce the chances of your site being hacked.
Some may seem obvious but you’ll be surprised how many are undervalued.
Usernames:
Instead of using generic usernames such as your; first name, pet, or company. Using an email address for the username will help boost your site’s security because it is harder for hackers to predict. If you are still currently using ‘admin’, you need to strongly consider updating your details.
Passwords:
Always revisit your account passwords. Whether that be adding a special character to your passwords, or changing them completely. This will make it harder for potential hackers to access your WordPress site. It may be confusing and time-consuming to frequently update passwords but when it comes to it, but this is a simple and effective tactic you can use to help protect your site from hackers.
SSL Certificates:
Never heard of SSL before? You’ve most likely come across it before without even realising. If you go onto any well-known site (Wikipedia, BMW, Gov, The Guardian, Citizens advice, Ryan Air (notice how these aren’t just E-commerce sites) you’ll see that ‘HTTP’ changes to ‘HTTPS’ and a small green lock and ‘secure’ appears in the top left of your browser.
Seeing this lock means that you’re on a safe website, secured by SSL. This means, when a web browser contacts your secured website, the SSL certificate enables an encrypted connection. In layman’s terms, it’s like sealing a letter in an envelope before sending it in the post.
Also, an SSL certificate allows you to excel your website’s Google listing. Google tends to rank secure sites higher in comparison to those who operate without one. This makes sense from a business point-of-view because this can result in more traffic heading towards your secured site.
Audit Logs
This will not stop hackers attempting to breach your site but this will allow you to keep an eye on who has and is logging into your WordPress site. This will help you to identify any anomalies.
Monitoring:
There are plugins available that can send you updates with actions required for your WordPress site to be up-to-date and whether or not there are any malicious activities. Due to the vast amount of updates carried out on both WordPress functions and plugins, you will be sent email updates daily with points of interest. It may seem daunting, but they are just friendly reminders showing which updates are available.
WordPress version:
A quick win is removing what version of WordPress you are currently running on your site. For example, if you login into your WordPress site and scroll to the bottom of the dashboard, it will say ‘Version 4.1.1’ or something along those lines. This may seem trivial but hiding this will make it harder for hackers to identify what version of WordPress you are using. If they know straight away, this would make it considerably easier for them to hack your site. We are not for one second saying this will save your site but it will slow down the hack and give up more time to resolve the issue.
If you have any questions or would like some more insight into how Fuel can optimise and protect your WordPress site, please get in touch and we’d be happy to support you and your business.