WordPress Is a Great Platform for Hosting a Site, but It’s Only as Secure as Your Last Update.

Like most types of website-creating software, WordPress is constantly being updated to help it keep up with the needs of its users – and the majority of security breaches happen because someone is using an old, out-of-date piece of software.

In fact, chances are that a security measure designed to stop whatever exploit was used was available, but hadn’t been applied to the site in question.

If you really want to implement WordPress website security measures – and you should – here are a few things you can do as part of your overall web design.

1) Make it Encrypted

Implementing the HTTPS protocol is far less expensive than it used to be – in fact, if you’re running a simple blog, chances are you can get this for free. On the other hand, if you’re dealing with ecommerce or any kind of sensitive material, it’s worth paying for a higher-end certificate and getting the best security you can have.

Now, when I say it’s worth getting a good certificate, I mean that in the most literal sense – depending on the setup of your site, you may actually be required to do this by whoever processes your transactions, and you won’t be able to sell anything until you do.

The Payment Card Industry Data Security Standards are strictly enforced, and that’s a good thing – a payment breach could cause enough trouble to shut down your company, so it’s always best to ensure your site meets or exceeds the industry’s security standards.

Still not sure if wordpress is the the right platform for website? Here’s What We Love About WordPress.

2) Set up a Firewall

Firewalls are great for WordPress security because they allow for things like:

  • Stopping other computers from sending commands to your server
  • Preventing sensitive data from being sent out without your express permission
  • Cutting off malware, viruses, and other programs that could let hackers sneak inside

Firewalls can also be configured to help stop employees from accessing certain sites, or from sending emails containing sensitive information. It is always better to have a firewall in place – and this is such a core feature that many servers and websites already come with the option to set one up.

Important: Make sure you don’t have an account with the name “admin” on your website (or, indeed, your whole network). This is usually present by default, often without so much as a password, and hackers regularly try to break through firewalls by taking them down through such accounts.

3) Manage your User List

You should have criteria for approving who can log in and work on your site – and your list of users should always be fully up-to-date. If you work with a developer and need to give them admin privileges, do so – but deactivate their account once you’re no longer working with them.

The same holds true for anyone who has access to your File Transfer Protocol (FTP) – monitor the access and deactivate their account when you stop working with them.

This helps to ensure that security breaches at other companies won’t give hackers a backdoor access to your site. For an added level of security, consider changing all passwords on a frequent basis – every six months is appropriate for most businesses.

4) Use Plugins to help manage security

Plugins are a great option for WordPress security, since many of them can help deal with problems you didn’t even know you had. Now, as much as I’d like to name a great plugin that’s suitable for everyone reading this… it’s not that simple. Different websites have different needs, and some need more security than others.

There is no universal solution for your security needs, but there are some popular choices that cover most potential issues.

With that in mind, take a look at this list of security plugins – it’s a good place to start if you’re looking to improve your WordPress security. Along with the other methods we mentioned above, this should be enough to get your website’s security level to where it needs to be.

Plugins are a great way to help tailor your website to meet specific needs. To help you find the best plugins for your site, here are The Five Best WordPress Plugins for Small Business Websites.



Breezy Hill Marketing is a Vermont marketing agency located in Richmond, VT. We specialize web design services, creating beautiful and optimized websites for our clients here in Vermont and throughout the country.  We also offer inbound marketing and marketing strategy services that are tailored to meet each customer’s unique needs and ensure a successful outcome.