If you are an online business owner, chances are you also have a website. And most of the time, one content management system that is frequently used – wordpress.
WordPress is a very powerful tool and is also one of the target by hackers to take down your online business.
Because of that, internet marketers and WordPress Developers are finding ways to secure your website from being stolen or hacked. All of those will be taught inside this video tutorial.
You will learn how to secure your WordPress websites. Next to monetization, this is one of the most important subjects that all WordPress website owners should be aware of
In this second episode, we talk about using strong passwords. We all know of the popular examples like customers using “password” as their password. Strong passwords should be enforced on your website
If your website is compromised, having a policy of changing passwords often, will help to mitigate that risk
In this fourth video, we talk about keeping your WordPress site updated. WordPress is like any other piece of software in that it has versions. Hackers routinely employ spiders to search the internet for WordPress websites using versions with known vulnerabilitie
At BeProSoftware.com, we talk about this all the time. If a theme isn’t monetized, it probably won’t be supported forever.
This could end up being the weakest part of your installation if not paid special attention
We all like using the default features of FileZilla to access our FTP but that’s not the most secure way. SSH should be used over FTP every time
Now we will talk about scanning WordPress plugins for viruses. Just like your local computer, you can scan WordPress for viruses and it’s something you should do regularly.
Although not intuitive, once you are told, you will get it. Its a very bad idea to leave unused plugins installed on your WordPress website. All this to the list of procedures you follow on a regular basis
Admin is the default account for all WordPress sites. That means that a script can be created to guess your password, since the username is probably Admin. Don’t make your admin username Admin
Not every user needs access to everything. Understand the user roles that are available and how to change them
If you have an admin account with no user, it’s probably not getting its password updated. That’s a security liability. So after your developer is done the work, delete the account
For the same reason that we don’t use the default WordPress Admin user, we don’t want to use the default database prefix. If someone does get access to your server, you are making it easier for them to guess your database
This is where your images, theme, and plugins are. Preventing direct access to some of these folders would be very advantageous
Allowing someone to navigate your directories is a bad idea. We learned about it in the last video about wp-content. In this video, we provide more details and examples
In this last video, we talk about preventing search engines from indexing the admin section of your WordPress site.