WordPress is an open-source platform and you need to be proactive with security and protection. The following are recommended for the protection of your WordPress business website.
- Use very good quality hosting
- Make sure you are using an SSL certificate, your site URL should start HTTPS and show secure in a browser
- Create secure, hard to guess login credentials – there are strong password generators available that will help you
- Enable a firewall
- Two-Factor Authentication on Login
- Install the latest versions of plugins and themes and keep them up to date. Log into your site on a schedule to make sure that nothing is missed
- Keep your WordPress and its database up to date. WordPress can be set to auto update to the newest version. Updating databases will depend on your hosting company so make sure to check with them before settling on a hosting provider
- Always immediately change the standard login details provided at installation of WordPress admin, FTP, and cPanel
- Configure your file permissions
- Back-up your site regularly
- Keep track of WordPress users. If you find unexpected users or admin accounts on your site investigate immediately
- Change the standard log in URL so that it is more difficult to find for hackers, this can be done using a security plugin
Recommended plugins to help secure your site
- All in One WP Security
- Wordfence Plugin
- Sucuri Security plugin
What should someone do if their site does get hacked?
If your website gets hacked it can often be resolved by restoring a backup from cPanel, otherwise known as doing a rollback to an earlier version of your site. Most hosting companies do regular backups going back a month. This resolves the issue in many cases.
When you need a specialist!
If you do not have a backup or if the backup does not work!
You can check your website for potential issues using this website: https://sitecheck.sucuri.net/
For expert assistance at affordable rates please contact me @
What’s App: +923225142559