Think Twice Before Ignoring These 3 WordPress Security Tips

by Waseem Abbas  April 2, 2014

WordPress security is somewhat a very common issue in the industry. It’s not wrong if I say that many people learned about installing secured WordPress only after experiencing problems in their websites. So, I thought it would be great if we try to find ways to secure a WordPress installation.

do not ignore wordpress security

I began my journey on Quora where WordPress SEO expert Joshua Jacoby shared this little gem of information:

Read Quote of Joshua Jacoby’s answer to How does I secure my WordPress installation? on Quora

Another WordPress expert, Joe Hatch shared the following tips:

  • Use your .HTACCESS to protect your site from URL based attacks. If running your site on an Apache HTTP server, familiarize yourself with HTACCESS rule sets. I recommend you to look at this comprehensive guide.
  • Don’t use “admin” as your name.
  • Limit login attempts to prevent brute force attacks by using this plugin.
  • Use other readily-available security plugins such as:
  • Read the official WordPress tips on this matter.

Understand where you are hosting

The above-mentioned advices are great practices. If you are a newbie on WordPress, I would suggest that you should check where you are hosting. You should have physical control over systems and networks which means a good backup plan. Take backups on a routine basis.

If you are still facing problems with your WordPress installation, I recommend you to try out a new hosting service and figure out what really has gone wrong. (We give you a 3-day free trial!)

Know the .htaccess file

You should understand the functional mechanism of .htaccess file, as it is the best option for installing a secured Word Press website. If you don’t want to bother about .HTACCESS file, the second best option is to use the available plugins, like iThemes Security.

The default settings of WordPress prevent the website from routine attacks, including: brute force attack, user name attacks, etc. WordPress also has some advanced features that allow editing of .HTACCESS file manually, thus one can change the structure of the default directory from “wp-” to a set of characters, selected randomly.

Keep (offline) backups

As a precaution, I suggest you to take multiple backups, if needed, to secure both your files and database. You should also keep track of your backups. And one thing more: DO IT CONSISTENTLY.

Keeping all the eggs in one basket is not a good idea! Similarly, keeping all backups on a server that hosts your live website will do no good either. If a server crashes down, you ought to lose all your data at an instant. Surely, this is not what you want! A commendable solution for managing backups is to use an off-site location to store your data. You can use your email account as well.

One of the best options is to use Dropbox or Amazon S3 services to get your data backup. These services help you to limit the number of manual backups to a minimum, thus shunning the burden of removing outdated manual backups.

I personally keep an offline backup too on DVDs and portable USB disks. Yeah, some will think I am crazy, but I have put a lot of effort on my WordPress site and I cannot think of losing it all.

[Also read: 5 Best Free WordPress Backup Plugins For Worriless Sleep]

Cloudways Platform is a Great Solution for WordPress

Guess what? Cloudways provides all of the three things. (You only have to do offline backups but that’s your choice.) All of our Cloud servers have automated backups on an offsite server, SFTP access, and much more. If you are not satisfied with your current host, then start your 3-day free trial.

Make Your WordPress Website 100% Faster.

Host it now on Cloudways WordPress Hosting Platform.

About Waseem Abbas

Waseem Abbas was WordPress Community Manager at Cloudways. He loves to help people with their WordPress worries. He is a self-proclaimed “food explorer”.

Stay Connected:

You Might Also Like...

  • Jacob Perl

    BulletProof Security provides automatic .htaccess hardening (unlike Better Wp Security, I believe).

    • Thanks for taking interest in the blog @jacobperl:disqus. BulletProof Security, Wordfence Security, and many other plugins are useful for WordPress security.