Securing Your WordPress Blogsite


TPJaveton WebNet Welcomes past readers of the Take A Look Website!

As you may already know, the content of Take A Look was recently merged with TPJaveton WebNet in our efforts to consolidate the various Internet properties owned and operated by TPJaveton & Associates into one comprehensive site. If you experienced any inconvenience during your efforts to find the content you’re used to reading at TAL, we extend our sincerest apologies. However, we will try to bring you content that is qualitatively as good as what you’ve become accustomed to at TAL. Thanks again!

Please read on.

If you have a WordPress blog or a blogsite, you may be wondering how am I supposed to keep it safe from hackers and from accidental changes or deletions? In addition to any kind of fancy modifications or security plugins, there are a few easy steps you can take right now within the next few minutes to make sure your WordPress blogsite is secure. The first thing you can do is only connect to WordPress on a secure WiFi connection, use only trusted plugins, and keep your WordPress installation up to date. This includes plugins, themes and other tools used on the site.

Did you know that when you connect to a blogsite using unsecured WiFi like airport WiFi, Starbuck’s WiFi or any other public WiFi, that anyone can see your username and password? That means when you connect via FTP or simply log into your WordPress dashboard anyone can see exactly what your username and password is, copy those details and join for themselves.

This is why it’s very important to only connect to your WordPress site dashboard or FTP using an SSL connection or if you’re connecting with a cellular 3G network instead of WiFi. If you don’t know what any of those things are, then simply make it a point to only connect to your FTP blogsite and WordPress admin dashboard from home instead of in public.

Next, only use plugins you trust. Keep in mind that any WordPress plugin, if it so chooses, can have access to your entire WordPress site; and it can access all of your users, all of your content; and most of the time it (and its creator) can have access to every single file on your blogsite, if it so chooses. It is for this reason that using ONLY WordPress plugins that you trust is very important. Don’t go out and install 200, 300 plugins just because they all seem like they have cool features.

If a plugin is brand new, if no one seems to be using it, that is not a good sign, and it may be a Trojan Horse kind of plugin where someone had simply put it out onto the internet in the hopes that someone else will install it on their website, and having done so would have given the hacker complete access to your files and your content.

Finally, a very easy way to secure your WordPress blog is to keep WordPress up to date. People find security holes all the time, and WordPress is quick to fix those holes, but it does you no good unless you update your blog to the current version which is safeguarded against most attacks. Luckily the most current versions of WordPress have a single button you can click to update it, which means it downloads and installs the most recent version so you will be protected having done so.

Now, let’s say you failed to do any of the things mentioned above to safeguard and protect your WordPress blogsite, or you think that, for whatever reason, your WP blogsite is vulnerable; the one thing you MUST do under these circumstances is get yourself a backup and restore tool so that any time your WP site goes down or encounters a hacking problem, or any other problem that causes it to go down and off the Web, you can restore it from a previously backed up version. You should have a backup and restore tool on all your WP blogsites and eliminate any worries in that area.