Website security is an important issue that many new WordPress users can easily ignore. How to ensure WordPress site security is also a difficult problem faced by many users who have just come into contact with WordPress. This series of tutorials on WordPress teach you to introduce a series of steps to protect your WordPress website security. We have devided these steps into 32 steps, today introduced the WordPress website security ultimate checklist Step 13 ~ 17.
WordPress website security ultimate checklist Step 13 ~ 17
13. Update your website only on trusted networks
Many times, we treat free WiFi as a perk.
But the paranoid security monster(like me), will be upset in such a distrust of the network (such as your downstairs in the fast-food restaurant) to update the site.
Open WiFi environment, data is easily stolen. If you have access to your WordPress admin background in such a distrustful network, then you may reap more than just“free WiFi”.
Remember to only update your website in a trusted network, such as at home, or in the office.
14. Install antivirus software on your local computer
Imagine a computer virus on your desktop computer.
Remember, the primary goal of the virus is to replicate and spread itself as much as possible. For computer viruses, isolate it and never let it spread to your website.
To deal with the virus, the most widely used way is to install anti-virus software. Many websites are infected because some of them do not have anti-virus software installed on their computers.
It is very bad.
The virus on your desktop computer will quickly replicate itself and may soon be infected to your site. The virus may also steal your password, bank card number, and other personal information.
Make sure that you install anti-virus software on your local computer and update the virus database in a timely manner to protect the data on your local computer and remote sites.
15. Monitor website security using similar services like Google Search Console
Strictly speaking, this is not a security suggestion for a WordPress site; it is a supplement to the steps you have taken to protect WordPress security.
Google Search Console is the original Google Webmaster tool, mainly used to monitor the display of your site in Google search results.
Google and other search engines want your website to be free from any malware. If Google Search Console finds any malicious Trojan on your console, it will give you suggestions.
Although Google Search Console is not the best solution, because it only provides processing suggestions after your site is hacked, rather than taking action to deal with the problem; but it can give you a timely reminder that you can deal with the situation as soon as possible.
16. Use the security protection Plugin to protect your WordPress website
Before we talk about so many security checks, not very trivial, some steps may also need some knowledge of some technical knowledge, in order to repair your WordPress site.
Now we need to have a more active defense. Our advice is to give your WordPress site a bulletproof security plug-in to fully protect your website.
Many of these plugins are in the top 25 most popular WordPress plug-ins, also introduced a few, namely the (Jetpack plug-in package, including security module), (All In One WP Security & Firewall) and (Two Factor Authentication) etc.
However, in terms of website security, the most powerful and professional WordPress free plugin, is the All in One WP Security & Firewall plugin. The plug-in profile called himself ” comprehensive, easy to use, stable, and has good technical support WordPress security plug-ins”. Currently, there are more than 400,000 WordPress sites installed this plugin.
17. If the other steps fail, then use the Backup Recovery site
We’ve tried to list all of the steps you can take to enhance the security of your WordPress site, and you should try to do it as much as possible. However, we can also expect that, in practice, you may inadvertently ignore one or more of these steps.
However, this one step you must not skip!
If your website is inadvertently hacked, the most important thing for you is a full backup!
For your WordPress site (and also other sites), the thing you should never forget to do is “back up! Back up! Back up!”
Important things to say three times!
Not only to prevent website intrusion, but you can use the backup to prevent a variety of accidents, technical errors, and other disasters. Have a backup to ensure that your site can be back to normal as soon as possible from the accident.
When you have a backup plan, in case your site is hacked, you should know that you should follow the steps to find the vulnerability, restore the backup, patch the vulnerability. Let your site resume operation, and prevent re-invasion.
After you have made a backup plan for your website, you should regularly test whether the backup can be used for recovery. Install a test site, and then try using the backup data recovery. The worst thing is, you feel like you’ve made a backup, and when you need it, you find it useless.
(Unfinished, continue reading…）