Is your WordPress site secure? After a bad hack on this site I was shocked of how ignorant I had been about basic web security. Wait, I got hacked, and now I’m offering you security advice? Well, yes. I’m a lazy guy but I like to get things done. This meant I loved to cut corners. And that meant security tasks never got done. But, if only I’d realised how quick and easy the most important security tasks are.
However, before we launch into this epic 4000 word post, a word of warning: LinkedIn, Yahoo, and the US government have all been hacked. Some of the world’s most secure banks have been robbed. Security is about risk reduction. It’s not about risk elimination. Risk will never be zero. It’s a continuous process.
By a long way, the two most common causes of WordPress hacks are:
weak username and password details or compromised logins
failure to update WordPress core software, themes and/or plugins
This article will tell you the most crucial tasks that will add the greatest security to your website starting with the most important.
1. Keep your software updated!
As stated above, one of the two most common causes of attacks is using out-of-date software