Keep your WordPress site secure
Online security is a big deal. Here are a few tips to keep your WordPress website secure:
Update Your WordPress Website
Make sure to keep your WordPress core, themes, and plugins up to date. If you don't you risk compromising your website's security.
If you installed WordPress through your hosting account, there are options to have your software update automatically.
You can still update WordPress through the admin dashboard. This may cause your site's version of WordPress and Value Applications version of WordPress for your site to get out of sync, though. If this happens, attempting to update WordPress through Value Applications results in an error message and you need to update WordPress through the admin dashboard in the future.
To Update Your WordPress Website
- Log in to your WordPress admin panel.
- From the Dashboard click Updates.
- Follow the on-screen directions to update your WordPress website.
Use Anti-Virus in Your Computer
If an attacker gains access to your computer, they can gain access to your WordPress site while you're logged in, or from your saved browser passwords. Keeping your computer safe is one of the best steps you can take toward keeping your site safe.
Maintain Good Password Security
Your password protects your WordPress site. Make sure it's hard to guess, not shared with anybody, and changed frequently. Most security experts recommend changing your password every 90 days to prevent attackers from accessing your site by repeatedly guessing your password.
If you need to share your WordPress admin with another user, you should create a new user account for them.
For more information, see Keeping Your Hosting/FTP Password Secure and Create strong passwords.
Connect via FTP-SSL
Connecting to your site via FTP-SSL keeps your password secure from eavesdropping. For more information see Connecting to Your Shared Hosting Account with FTP-SSL.
Invest in Extra Security
For an additional cost, you can purchase services that bring extra security to your site. There are several services available that look for changes and known vulnerabilities in your site on a regular basis.
Purchasing an SSL certificate and configuring WordPress lets you log in and use your administration page over https. This protects your password and admin session from eavesdroppers on your network. For more information, see Using an SSL with Your WordPress Admin Control Panel.
Restore Your WordPress Website (Managed WordPress only)
Sometimes you need to restore your site to a previous version. Your site's database and files are automatically backed up every night. Use these articles to backup and restore your site:
- Restore my site (Pro plans only)
- Restore my site (Basic, Deluxe, Ultimate, and Developer plans)