[Sticky] Keeping your WordPress site secure
Every website can potentially be targeted by hackers and spammers. The more traffic and visibility your blog gets, the more likely it is to happen. Spammers can flood your blog with bot registrations (even if you disable the registration option in WordPress). and hackers can infect your blog with malware.
Fortunately there are some simple steps you can take to prevent these things from happening 😳
1. Delete inactive plugins. Inactive plugins can pose a risk because they sometimes create an easy way for hackers to add malware to your blog. If you have any deactivated plugins and you don't intend to reactivate them any time soon, delete them. You can always reinstall them at a later date.
2. Only use reputable plugins that are regularly updated. There are 1000's of plugins to choose from and it's easy to install dozens of them without thinking about the damage those plugins could potentially do. When choosing a plugin, go to the WordPress.org page for that plugin and look at the number of installations (you want it to be in the 1000's at least), the overall star rating, which should be at least 4, and the last updated date, which should not be more than 3 months ago, approximately.
3. Keep plugins and themes updated. You will be prompted to do this from the WordPress dashboard whenever a theme or plugin has a new update.
4. Install Akismet anti-spam. Initially, you can use it for free by choosing the option for 'personal' use. To install it go to 'Plugins' > 'Add New' on your WordPress dashboard, and do a search for 'akismet'.
5. Install 'Shield Security'. It protects against hackers, bots, etc. There's a free version that will do everything you need it to do. To install it go to 'Plugins' > 'Add New' and do a search for 'shield security'.
6. Another way that hackers can gain access to your blog is through the sever it's hosted on. So, it's vital to use a hosting service that has the highest level of protection to prevent hackers from accessing their servers.
See this video and article about getting the right hosting https://buildthatblog.com/course/know-how-to-get-the-right-hosting/
7. Keep your device/s clean with a good antivirus program. A common way for a website to get infected with malware is through infected files that have been uploaded. I use Bitdefender Antivirus, but there are many more to choose from such as Avast, Norton, McAfee, etc.
I think it is not easy to shield our blogs. Plugins themselves pose some problems although they are regularly updated. Sometimes, I have plenty of mails with links and I cannot control that.
Sometimes, I have plenty of mails with links and I cannot control that
Emails to your inbox? Yes, I get email spam too, but I just delete those emails. Of course, if you click on a dodgy link in an email and your device doesn't have virus protection, you run the risk of your device getting infected. That's why it's always important to have a good anti-virus program installed.