• Home
  • Blog
  • About
  • Books
  • My Skills
  • Portfolio
  • Contact
Menu

Elizabeth Tai

Inspiring Go-Getters to Live a Life of Freedom
  • Home
  • Blog
  • About
  • Books
  • My Skills
  • Portfolio
  • Contact

How to make Wordpress more secure

July 3, 2015

"This page is temporarily unavailable". These dreaded words were back! This was the fourth time my site has gone down and I was mad.

But it was mostly my fault.

I thought all I needed to do when I got my first self-hosted blog was to write the content and leave it up.

Wrong.

Wordpress is one of the most popular CMS (Content Management System) in the world. It's easy to use, powerful and free. But as a result, it's a favourite target for hackers.

Due to my lazybones attitude towards website/wordpress maintenance, this site was down for nearly four days thanks to a malware infection (hah, I didn't even know that could happen!). After deleting hundred over files, an upgrade and much wrangling with my host's support team, it is finally back.

You don't realise how important Wordpress security is until you lose it.

Don't go through what I did. Here are 7 things you can do to make your Wordpress site more secure:

1. Update, update, update, update!

And I'm not just talking about Wordpress. This includes plugins and themes - even those you do not use! Because old versions often have security holes that hackers and malwares can slip through.

2. Make sure your hosting package has security features

Mine didn't, and I wasn't aware of that. If a package comes with functions such as Sitelock, it scans your site for threats regularly and some may even fix it for you automatically. Don't do without this feature. If a hosting package doesn't have it, look elsewhere. Trust me, you'll regret it if you don't!

3. Don't open suspicious e-mails and avoid unsafe websites

They can hop over to your website.

4. Use strong passwords

Use alphanumeric passwords, preferably with unique characters such as $,! or *. Don't use obvious passwords like your name or birthday. Here is Norton's useful password generator.

5. Don't use admin as your log in

Wordpress generates this for you. Hackers aim for that. Delete the admin user name and create one that is difficult to guess. No log ins that mirror your real name or the name you use on the blog. For example: byt76

6. Install Wordpress security plugins

Wordfence, WP Security Scan and Secure Wordpress are some of the plugins available out there.

7. Monitor, monitor, monitor!

Do this weekly. Daily if you must. You can put out the fire before it becomes an inferno. Oh yeah, and don't forget to back up!

Photo by Linder6589

Featured
Tweaking my blog's content strategy

I've changed a lot as a blogger. My content strategy has changed massively as well. Now with new goals on the horizon, I believe it's time for another shift in my blog's content strategy.
My Blogging Evolution: Reflecting on 14+ years of blogging. Yes, 14.

Blogs have changed. And so has my blogging style. I reflect on 14+ years of writing on the world wide web.

Why I created a Youtube channel
My favourite author blogs
My favourite author blogs
Five things I wish I knew before I built my author website

Every writer should have a website, preferably one that bears your name. Not only do you give people a one-stop centre to discover and interact with you, it's a great way to build your personal brand.

I've made a few mistakes when I began building my space on the Internet. And some of the mistakes cost me a lot of time and money!

Here are five things I wish I knew before I built my author's website - may you learn from them:
Yes, you can blog without a niche!
Why I moved from Wordpress to Squarespace
Why I moved from Wordpress to Squarespace

It was a pleasant chat until my friend said: "I thought I should let you know that when I google up your website, there's a note on the search that says, "This site may be hacked."

I groaned out loud.

I've been dealing with numerous security issues with my website for years, and lately it has become an almost monthly affair. Early in 2014 or so, my blog was flooded with thousands of comment spam. The iPage support team said they couldn't help me. The only way out of it was to delete the comments manually. I ended up deleting entire posts instead.

My site was also going offline more often. And each time I would panic, get in touch with a support person and wait impatiently for them to solve the problem. It would take hours, even days before my blog was fixed. Once, my blog was down for a week.

But this Google blacklist thing? This takes it to another level.
My blog identity crisis
How to make Wordpress more secure
Should you leave your faith out of your personal brand?
In Blogging & Social Media Tags blogging
← The Lord of the Rings - a review and a confessionAn (old) interview with Carol Berg →

Subscribe

Get blog posts delivered to your inbox.

We respect your privacy.

Thank you!
Thran_Final.png
Free Ebook

Hi There!

elizabeth tai.jpg

My name is Liz and I believe that anyone can live a life of freedom.

I write about personal finance, writing, minimalism, blogging & social media, creative entrepreneurship, travel and more.

I blog on Fridays. Usually. Best to have my blog posts delivered via e-mail to not miss a post. (Sign up form above.)

 

  • Author Spotlight
  • Blogging & Social Media
  • Book Notes
  • Ebooks & Self Publishing
  • Faith
  • Interviews
  • Life in Australia
  • Link Love
  • Minimalism
  • Misc
  • Personal Finance
  • Reading
  • Self Care
  • Stuff I'm Sharing
  • TV & Movies
  • Travel
  • Work
  • Writing
  • Writing Life

Or browse

All posts

By topics

 

FEATURED POSTS

Featured
Why I left Australia and returned to Malaysia
How minimalism changed me
Why I quit my job to move to Australia
Blog series: My Shifting Faith
Tai Weiland
Professional Reader
Blog RSS

Powered by Squarespace