General security tips, WordPress security advice and why WordPress backups are important.
The first thing experts recommend is – update your software.
The second thing is securing your primary email. Whichever email account is where you get all your account recovery from – that’s crucial, if someone can get into that, they can get into everything else.
The third thing is don’t reuse passwords. If you need to, write them down and keep them in your wallet.
Use an Apple phone or, if you’re going to use an Android phone, make sure it’s one that gets the most recent OS security updates from Google.
And finally, use antivirus software.
[Source: Zeynep Tufekci, on Sam Harris’ podcast, 29 May 2017]
4 WordPress Security Tips
Keep WordPress plugins and themes up to date. (Always remember to backup your data before updating important parts of your website.)
Use security plugins like iThemes Security.
Use captcha on WordPress the admin login page to prevent automated login attempts. For extra security, use 2 step authentication too.
Use Gmail for your email. For extra security, use 2 step authentication.
Why WordPress Backups Are Important
You should always make a backup before updating themes and plugins. This way, in case anything breaks during an update (when, on a server level, files are being deleted and replaced with newer versions of their selves) or right after an update (e.g. the new version of a plugin is incompatible with something else on your server), you still have a snapshot of your website from a previous point in time when it was still working.
Having backups of all your data is also useful in the event of losing that data from your server, for example due to hacking, malicious software, ransomware, etc.
We offer regular website maintenance services that include periodic backups so you don’t have to worry about losing your website. For more details, see our Services page.