WordPress Security

Improve the security of your WordPress website

WordPress started in 2003 as a single bit of code created to make the process of arranging and publishing text on the web easier for everyday writing, with only a handful of users. Today, WordPress is the most widely-used, self-hosted blogging system in the world, seen and used on millions of websites. It has even evolved past that into a full content management system (CMS) as well, with thousands of plugins, widgets, and themes available for users to fully customize their website the way they want.

About WordPress: https://www.hostpapa.com/knowledgebase/about-wordpress/

Unfortunately, such widespread use and accessibility of the software translates into vulnerabilities, which users need to be aware of in order to protect their virtual property.

HostPapa offers WordPress to all clients through Fantastico De Luxe, which can be found in the Software/Services section in each cPanel control panel of a HostPapa hosting account. It is free, and can be easily installed on each and every domain a client hosts on their account.

Here are a few helpful tips to improve the security of your WordPress website, plus a link to the WordPress Support Forums. There, you can find more advanced security suggestions, and almost any answer you’ll ever need regarding your WordPress website.

WordPress Security Tips

  1. Make sure you are ALWAYS running the latest version of WordPress – As with any software, new versions are being released all the time in an effort to make the software more capable, compatible and most importantly: more secure. It is very easy to stay on top of this with WordPress by simply logging into your WordPress Admin control panel, and looking at the bottom of the ‘Right Now’ box in the top-left of your ‘Dashboard’ section. It will have listed there the WordPress version you are currently running, and a button to press to download the latest version if need be. ALSO, SEE TIP #4 BELOW.Updates are also listed on the main page of Fantastico De Luxe. However, if you start updating WordPress from the Admin control panel, you should not use Fantastico to apply any updates. Fantastico does not keep track of any updates applied from inside WordPress and could break WordPress by applying an out-of-date update.
  2. Change your passwords regularly – HostPapa strongly recommends this for any online venture their clients are involved in, but specifically the passwords for your WordPress Admin control panel, and for your HostPapa cPanel control panel. Consult the HostPapa knowledge base article through the link below for tips on insuring a strong password.
  3. Backup your HostPapa account regularly! – We can’t stress enough how important this is for every client to do, regardless if they are using WordPress or not. Consult the HostPapa knowledge base article through the link below for instructions on how to backup your HostPapa website.How to back up your HostPapa website: https://www.hostpapa.com/knowledgebase/how-to-back-up-your-hostpapa-website/.
  4. Use the latest version of any WordPress themes and/or plugins you have installed on your website – ***PLEASE READ BEFORE ACTING*** Again for security reasons, it is always best to use the latest version of any software you use, and this includes WordPress themes and/or plugins. However, it is important to keep in mind here that in most cases, themes and plugins are created and offered by independent web developers, and not WordPress themselves. That being said, their theme and/or plugin may not always be fully compatible with the latest version of WordPress, so while updating the version of either makes your site more secure, the incompatibility may cause issues with your website. We still recommend always having the latest version of WordPress, but also conducting a little research online first to make sure your themes and/or plugins are compatible. In most cases, if the theme and/or plugin aren’t compatible with the latest version of WordPress, it is only a matter of time before the developer offers a new version.Themes and plug-ins must be updated from inside the WordPress Admin control panel. If an update is available, WordPress will list it in the upper left corner in the same place as WordPress updates.

WordPress Support Forums

There are also more advanced preventative measures you can take to secure your WordPress website. You can learn more about these measures and how to implement them, and find the answers to almost any WordPress-related question you have through the WordPress Support Forums accessible here: http://wordpress.org/support


This article is also available in: French Spanish

Related Articles