Increase your security with these simple (but important) steps.
I am ALWAYS preachin’ the importance to taking care of your web home. I mean ALL. THE. TIME. Like here for instance.
It blows my mind that lot’s of people (tons of ’em!) STILL don’t think it’s important or take the time to care for their website! I don’t get it. Isn’t your website your calling card, the way people size you up, what brings in the moolah and what can potentially make or break your biz???
Maintaining your website should be a priority. I love this quote:
““I’m high maintenance, but I’m worth it.” -Lara Logan
Maybe you’re thinking…”I don’t even know what I’m supposed to do!”. It’s sad and a huge disservice actually, that business owners aren’t educated about how to maintain their website by the people who built it for them.
I can’t go back and change the past for you (though that might be cool in some circumstances) BUUUT… I can give you some advice that you can put into action now.
5 Steps to keep your web home safe from hackers.
Use strong passwords. I used to keep a little notebook with hand-scribbled passwords for all kinds of accounts – do you know how hard that is to maintain or even find a password? Don’t do that. Make it easy on yourself by just keeping up with 1 password by using LastPass.
Use LastPass for your personal accounts, business accounts, accounts for clients, to securely share passwords with people who need access to some accounts (like your web developer), etc. TIP: Download the LastPass app to your computer. The app will auto add your passwords into the login fields of your online accounts (this is a big ‘ol time saver!)
Set up a free account to LastPass here. You can thank me later. 🙂
Don’t use the default “Admin” username in WordPress. By not changing this, you’re just giving hackers a helping hand. Yes, it’s good to be nice but not toooo nice!
To do this, you need to make sure you FIRST create a new admin user for yourself. (You will need to create a new one because WordPress won’t allow you to edit/change your current username.) Make it hard and something unique this time – not admin, not your name, not the name of your URL or business, etc. DON’T FORGET to give your new user account the role of “Administrator” (this is important!). TIP: Use LastPass to create a strong password. Log out.
Once that’s done, test to make sure you can log in using your new user account. If not, you might need to start over or create a new password for yourself. Test until you’re sure it’s working, you can log in and that you are indeed an “Administrator”.
When that’s complete, you can now delete the original “Admin” user account. MEGA IMPORTANT: You’ll be asked to “Attribute all content to:” – choose the new Administrator user you just created. This will ensure everything you’ve done in WordPress (your content, all of the posts or pages you created, etc.) will remain intact. If you don’t do this – you’ll lose everything you’ve created and that would suck (to say the least). When you’re sure you’ve done this, click the “Confirm Deletion” button.
Wordfence has a free version (which is excellent) and a Premium, $39 per year version as well. The Premium version adds a few bells and whistles like the ability to block countries. This is good for businesses that sell no services overseas or if you happen to notice lot’s of hackers from obscure countries (where none of your current or potential clients live) trying to get into your site. Both the free and premium flavors are great.
iThemes Security Pro steps up the security even more. For $80 per year, you get premium security for 2 websites.
Visit and look over each of these and see what works best for you. Just do something.
Do your updates! Another way that hackers get in? By penetrating vulnerabilities due to unmaintained websites. WordPress, your theme, and plugins regularly push out updates to not only improve their services but to also make patches for bugs and to make things more secure against hackers. These bad guys are always working searching and trolling everywhere and everyone looking for weaknesses. Don’t roll out the welcome mat. Make sure you keep your website updated. TIP: Make sure you backup your website BEFORE doing any updates.
Backup your website. This could be the most important thing you do. Having the ability to restore your website in case something awful happens is crucial. Don’t depend on your web host to do this either. Even if they say they’re doing it, they might not be backing up all of your important files (yep, it’s true – see it all the time). Take your website security into your own hands – YOU make sure it’s being done and done right.
For the sake of your web home, business and mind, please take care of your website. It know some of this stuff is pretty scary (and time-consuming), that’s why I created Got You Covered WordPress Management – If you want (or need) help maintaining your website.
Let me know what you think! Are there any of these that you’re already doing or need to improve on?