Keeping your WordPress site safe should be your number one priority. All of the writing, networking and other activities you do to promote your blog are meaningless if nobody can read it because you’ve been taken down by hackers or have somehow completely fried your site yourself. Here are a few simple steps to follow to keep your WordPress blog up and running smoothly.
You may also be interested in one of these older posts
List Of Essential PHP Quick References And CheatSheets
5 Essential Google Cheat Sheets Which Surely Will Come in Handy
TOP CSS Cheatsheets
25 Essential Tutorials And Resources For Learning CSS3
1. Make Backups. Constantly. There are several different plugins and services, such as WordPress Mechanic that can make keeping your WordPress blog updated simple. Make sure that you are backing up both your data base and your WordPress files, to include your theme, images and any other customizations. You’ll want to make backups at least once a week and possibly more often if your site is constantly being updated or you can’t afford to lose even a day’s worth of comments or posts.
It’s also good practice to make a full backup before upgrading your blog or moving to a new server.
2. Choose a secure password and user name. Don’t use the default user name of “admin” and make sure your password is strong and not easy to guess. It’s a good practice to never use the same passwords across sites and be careful about logging in over unsecured networks or on public computers.
3. Be careful who you allow to work on your blog. Get references and make sure to delete any accounts you made for them after the work is completed. You can always make a new account if they should need access in the future. The problem isn’t only security; anybody can say that they are a WordPress expert. If they don’t know what they are doing, they can completely ruin your blog, leaving you an expensive, time consuming mess on your hands.
It can be tempting to go with the lowest bidder on a freelance site, but don’t let price be your foremost concern in choosing a blog designer or coder. The best policy is to ask people you trust for recommendations and ask for and check references before hiring somebody to work on your blog.
4. Evaluate all plugins carefully before installing. The more plugins you have, the more points of vulnerability there are on your blog and if something goes wrong, it’s a long, tedious slog to find out which plugin is responsible or which ones aren’t playing nicely with each other. Don’t install things willy-nilly into your blog, take the time to ask if you really need this function and to research any complaints or concerns others have had with the plugin before adding it.
5. Keep your WordPress upgraded. Using the latest version can help ensure that you are protected against previously discovered WordPress security breaches. It’s not an iron-clad guarantee, but do you really want to be using the version that all of the hackers know how to infiltrate? And remember tip 1: do a full backup before upgrading!
6. Make sure all of your files and directories have the proper CHMOD setting. CHMOD is basically the permissions that each file or directory gives for who can read, write and execute the contents. There are too many variables to give a full accounting of which files and directories need which permissions in this brief article, but unless you know exactly what you are doing, ask an expert first before you change the CHMOD on any of your files and directories and leave files writable only for as long as they need to be.
These tips are a good start to keeping your WordPress site up and running but security and safety is an ongoing concern for any blog owner. Make sure you keep up with your backups and WordPress updates and be cautious about any actions you take that could change the way your blog works or increase its vulnerability.
I would love to keep my blogs all updated to the latest version of WordPress. Sadly, the requirements for PHP and MySQL in the latest version are not met by my web host, so until they decide to upgrade I’m stuck with this vulnerability unless I want to go to the cost and frustration of changing hosts. Been there, done that, lost a lot of content.
do what ever you do but backup is the most important thing to do
For most hosts it is pretty simple.
The rest of the article still holds and you should upgrade as soon as you can. Backups is something I don’t do as often as I should.
Yes…backup…I need to backup my blog soon. It has been a long time I did that.
I use the wp db backup manager for regular automated db backups. File backups are a little more tricky…Here is a file back up plugin: http://www.blogtrafficexchange.com/wordpress-backup/
Also agree on choosing who works on your blog. I had a developer work on one of my sites and my site was being drained of bandwidth at very rapid rate..Changing FTP details fixed that quick smart…
Hi,
you could say that users can change the wordpress
database name from wp1_ … to something else.
And there some Addons which helps to fix that problem.
–
bjoern
how do i use the backup manager? i cannot get it working :(
i have tryed the FTP changes
i make certain to change my password every few days. that is really the only guaranteed way to prevent hacks.
Yes, fair enough with what you specified in this post, but here are some extra tips that would help.
1. If you have different persons working on your blog, make sure they all have different username and password’s so you will see what changes makes everyone. If that person stops working for you immediattelly delete their user.
2. Make sure your password is alphanumeric, has at least two numbers and at least Capital letter.
3. If you install a plugin for first time, do it locally first. Even if that plug-in has good reviews, it might have conflicts with other plugins installed in your theme.
But most important is to have an UP TO DATE BACK UP for your website. If you are a begginers pay a few extra pounds/dollars a month and get a hosting which offer daily/monthly back-up. If anything goes wrong go and ask them to restore the database for this installationa and the root folder of the wordpress script.
Alex Paul C. ( A.K.A http://www.apc-webservices.co.uk – Web Design and Marketing Glasgow )
this is a very nice web design that you have been posted. it is a great manner that you have very good blog as to the work. i like it very much. please keep it up. have a nice day.
I am a blogger myself and my experience suggests we need to take care of all the WordPress plugins and should always maintain a backup of database to protect our data. Using .htaccess file and firewall on server are also very good ways to secure a WordPress website