WordPress Website Security Checklist: 10 Things to Prevent a Crisis

,

Over the last six months, we have had a number of small businesses come to us with website security and management issues.  These were mostly WordPress websites that had not been maintained effectively.  In one case, the business had experienced a website outage for 10 days!  While this business was able to function, many businesses could not operate without a website functioning properly. If your site went down for an extended period, what would the impact be for your business?

Your website is a critical element of your brand and business presence. Of course it should have a professional design, content and functionality, but it also should be available and working as close as possible to 24×7 in order to support your revenue marketing needs and customer service.

So, how can you prevent your website from crashing and disappearing into the vast void of data we call the World Wide Web?

 

Follow these 10 tactics to ensure you stay up and running.

1.  Maintain strong passwords.  Make sure you are not reusing passwords and that each password uses unique characters.

2.  Limit User Access.  By limiting user access you limit how far one may go within a site should their username be compromised.  Remove use of super-admin and remove/rename “admin” access.

3.  Be the Security Guard.  Analyze Server Logs.  If you want to be 100% certain your website is secure, you have to be proactive about it.  Check your logs frequently for any unusual activity and adjust accordingly.

4.  Select a good Host.  Be sure to use a webhost that is serious about security.  A number of large hosting companies have been subject to increase hacking efforts, and while your site may be secure, if your host is not, that puts you at risk as well.  Make sure they are as up-to-date as you are.

5.  Stay Current.  With website capabilities changing everyday, it is important to keep up to date with your plugins. Look for vulnerabilities in plugins and remove inactive and unused plugins as well as outdated software.  Keep your list of plugins discreet to avoid possible security flaws.

6.  Maintain Links.  Keep your links up-to-date.  A bad link can cause errors and slow your sites performance.

7.  Monitor for Malware.  Install software to monitor for malware.  If your site is infected with malware it is important to remove and repair the site in it entirety.  Having an up to date backup is key in any sites recovery.

8.  Secure File Transfers.  Use secure FTP (FTPS) for your file transfers. Do you have a record of your current DNS address or addresses?   You should have these securely saved on file should you need to re-point your website from one server to another.

9.  Organize Your Data.  It is important to have all your information organized and secure.  This information should not be left out on your desk, but rather locked in a filing cabinet or secure server.  Keep your website host’s: account number, support phone number, and support email address on file, and readily available.

10.  Back-Up Regularly.  If you were hacked, or corrupted with malware, find and isolate the problem, then implement your up-to-date backup copy of your website. You should back-up your website in regular intervals or after any changes. Most good hosting providers perform automatic back-ups, but tools can help you manage this on your schedule. Keep your software and plugins up-to-date and current on both live and back-up versions of the site.

 

These are just a few of the things you can consistently work on to insure your website is secure.  The Internet is always changing and with it, the tactics used to disrupt your website.  Remember, you are your own best security.  Stay vigilant.  If you need help with setting up an effective and secure management infrastructure for your web services, contact us at Revenue Architects.

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Constructive comments welcome.

This site uses Akismet to reduce spam. Learn how your comment data is processed.