5 tips to keep your WordPress site secure
At Pixel Internet we take a very serious approach to security. Our hosting plans are carefully optimised to be as secure as possible. However, there are still a handful of potential security risks when running a website, that we have no control over. You, the website owner, need to pay attention to these potential security risks, in order to keep your website safe.
With that in mind, here are 5 things you can do to improve your WordPress security.
1. Keep WordPress and your plugins up to date.
This one can be easily overlooked, especially if you do not regularly update your website. WordPress continually releases updated version of its platform, introducing new features and most importantly fixing any security vulnerabilities in its code. Likewise all ‘good’ plugins will do the same thing, normally inline with WordPress version releases.
WordPress will highlight when a new version is available, likewise it will also flag up when a plugin needs to be updated.
Note; its always a good idea to ensure you backup your site files and database before making any updates.
2. Use strong passwords
According to this infographic, around 8% of hacked WordPress sites are down to weak passwords. Try to ensure you use both upper and lower case and include at least one special character and number.
For a password that is easy to remember but very hard to crack, we recommend this article for coming up with a good password recipe.
3. Never user ‘admin’ as a username
Earlier this year, there was a series brute-force attacks launched at WordPress websites across the web, consisting of repeated login attempts using the username ‘admin’, combined with a bunch of common passwords.
If you use “admin” as your username, and your password isn’t strong enough, then your site is very vulnerable to a malicious attack. Fixing this is simply a case of creating a new administrator account via your Wordpress control panel and then deleting the original ‘admin’ account.
4. Add some extra security
There are many plugins available for WordPress that offer additional security. One we think does the job well is called Wordfence. Its easy to setup and configure and will help protect your WordPress website from attacks.
If you are confident making changes to your .htaccess file then there are some simply ways to improve your WordPress security. Here is a good tutorial covering htaccess security for WordPress
5. Keep regular backups
We can’t overemphasise the importance of taking regular backups of your website. Unfortunately this is something many people put off until it’s too late.
If you host your WordPress website with Pixel Internet, then you can take advantage of our Snapshot backups – all of your site file, databases and emails are backed up daily and kept for a rolling 30 day period. You can easily restore any part of your site at anytime via’s your control panel giving you complete security and piece of mind.
Alternatively you can configure a plugin such as WordPress Backup to Dropbox to schedule regular automatic backups of your site files (note this will not backup your emails)
To find out more about hardening your website’s security, please check out these two resources:
This may all sound a bit intimidating, especially if you’re a beginner. But don’t panic, if you host your website with Pixel Internet, our support team will be more than happy to review your WordPress site and advise you of any security alterations required to help keep your website safe and secure.