One of WordPress’s biggest advantages is the ease of getting started; Get a hosting provider, upload the files, run the installer, start publishing. One, commonly neglected/overlooked step, that should be considered a priority is making your WordPress secure enough so that we can prevent the most common attacks, such as brute force.
iThemes Security (formerly Better WP Security)
I love iThemes security because apart from being a great plugin in and of itself, it’s also a comprehensive checklist of steps you can (and should) take, to significantly improve the security of your WordPress install.
To get started, first login to WordPress then install and activate the plugin. Once you do, you should see two notifications at the top:
Keep WordPress up-to-date
When a new version of WordPress is available to you, you will get a notification in your WordPress admin screen. We recommend updating your WordPress as soon as you see this notification.
Often these updates are related to security measures to protect your website from new ways hackers try and comprise websites. These updates are helping protect your website, which is why is important to update it as soon as you are able.
Please know that by updating to a new version, this could potentially affect the connectivity with your theme. If your theme hasn’t been updated to be compliant with the new version of WordPress, problems could arise.
Keep plugins up-to-date
On the same note, it’s just as important to keep your plugins up-to-date too. Plugins are often what run many features of your website, and if you aren’t updating your plugins, your security could be breached.
Remove plugins that aren’t being used
As a long time business owner, the plugins we use have changed over the years and I imagine the same is the case for you.
Old plugins that aren’t being used can make your website run slower as well as could potentially lead to harmful attacks to your website.
Try and go through your plugins on a quarterly basis and remove any unused ones to keep your WordPress up-to-date.