Securing WordPress

WordPress is probably the most popular choice for small businesses wanting to start with a simple website that they can quickly scale.

WordPress sites can be created for free on wordpress.com and as your business grows you can add tweaks like custom domains or indeed move off to your own hosted solution.

If you do administer your own wordpress you do have to be very careful to ensure that you keep your site secure.  Wordpress comes with many hundreds of plugins – and these are often the way that perpetrators can access your website and insert their content into your posts or features.  This is usually done automatically – so don’t always take this as a personal attack, merely as a way for criminals to generate money for themselves by hijacking your website for their own adversiting purposes.  The more successful your website becomes, the more traffic comes it’s way.  The more traffic means it becomes more attractive to those wanting to hijack your clicks.

So how do you secure your website against intrusion?  Well you learn the hard way to take security seriously but by all means do think about it carefully and if in any doubt use a professional service to secure your WordPress website.

If you’re doing it yourself though here are a few things you can do.

Ensure you have recent and regular backups

Harden your wordpress installation against attack

Ensure that your web server configuration is safe and secure

Don’t opt for auto update

Check your directory permissions and ownership