3 Simples Ways to Secure Your WordPress Site

Web Site Security, wordpress hacked, wordpress securityComments are off for this post.

If your small business uses WordPress, the loss of downtime if your website is categorized as “hacked” or “blacklisted” could mean the difference between staying open or closing your doors. For a small business, recovering your website from being listed as “hacked”, “phished” or “blacklisted” could cost a couple of thousand dollars in recovery fees. Many small businesses just can’t afford those fees.

How can you keep your WordPress site secure?

You just need to follow these 3 easy steps.

Step 1 – Make sure your website has an SSL certificate. This means your website URL starts with https and NOT http.  This is critical because starting in 2018 Google will start to categorize websites with http as “not secure”, which could be a turn off for potential customers.

 Step 2 – Install the Wordfence plugin.  Wordfence is a security plugin that protects your website from malicious attacks.

Go to WordFence » Options page to configure plugin settings:


WordFence also provides you the ability to scan your website for malcious activity. Take a few minutes to run this scan – it will help your website tremendously.

Steps 3 – Install the stop user enumeration plugin. This security plugin will detect and prevent hackers scanning your site for user names. This is very important. If a hacker can’t scan your website for your user names, it will make it that much harder for them to hack into your website.

Keeping your usernames secure should be your number one priority.

Hackers will continue to use new exploits to try to gain access to your site. However, the three steps I have outlined will make it much more difficult for hackers to access your WordPress website. It Is also a good practice to keep your WordPress site and your plugins updated.

Keep it secure!