WordPress is a user-friendly, versatile CMS. That flexibility though, by extending functionality through plugins, creates vulnerability.
When a client’s website or blog gets hacked, even though we in digital marketing lack expertise to find and handle these issues, nothing can erode trust and set back progress faster.
Fixing these problems is costly. It exposes any customer or client data within the system. This can all get into legal issues, and we may be culpable through bad practices.
Therefore, here are some tips for better WP security:
- Ensure the core, themes, & plugins are updated, removing anything outdated.
- Have complicated, unique passwords for each WP user and for the database; never keep defaults.
- Consider plugins like WordFence and Sucuri Security for added protection, 2-factor authentication via apps, and extra steps such as login limits.
- Backup the site regularly, perhaps locally and at least through the hosting provider.
- Choose reputable hosting, then apply HTTPS which is good for SEO too.
- Take measures to protect access to both your personal and work computers.
Never forget Ben Franklin’s axiom here: an ounce of prevention is worth a pound of cure.