Tips for Making Your WordPress Site More Secure

By admin, January 1st, 2010

WordPress is a great CMS that’s not only good for running blogs, but small websites as well. Because it’s so popular, it’s become a favourite target for hackers. If you’re running WordPress, you’ll want to keep it secure. Here are a few tips to keep you out of harm’s way

Tips

Make sure you’re running the latest version of WordPress. There are two easy ways to ensure you’re WordPress install is up to date:

  1. Add yourself to the Release Notification list at http://wordpress.org/download/. You’ll get an email when new versions of WordPress are available.
  2. Log into your site regularly. The latest versions of WordPress include a “Automatic Upgrade” that lets you know when updates are available and allow you to upgrade in two clicks. You don’t have to download anything. If you run more than one WordPress site, you should log into each of them regularly.

More info on upgrading: http://codex.wordpress.org/Upgrading_WordPress

Make sure you’re always running the latest versions of plugins. Thankfully, most plugins can be upgraded from within WordPress itself as well. You should delete plugins you don’t use.

Maintain only one Administrator account. If you maintain a blog with more than one author, create “Contributor” accounts for the other authors. Most people don’t need Administrator privilidges. Turning them into a Contributors will limit the amount of damage that can be done if their passwords are compromised.

Use strong passwords. Especially for your admin account. Tools like 1Password or Roboform (http://www.siber.com/consumer/roboform) make creating and managing strong passwords effortless. Don’t re-use passwords.

More reading:
10 Tips To Make WordPress Hack-Proof

Category Icon Posted in Essential Information

Discover and Share

  • StumbleUpon
  • Digg
  • del.icio.us
  • Technorati
  • Reddit
  • RSS Feed
  •