This page is under development.
Best Practices for Keeping WordPress Secure
1. Upgrade regularly.
Essential to receive the latest in security. WordPress is very careful,, but backup first to be sue the upgrade doesn’t adversely affect your site.
2. Back up regularly.
I recommend BackupBuddy which should be used prior to uploading plugins or changing themes. I can help you restore a site, but ideally you should learn how as well. It is easy to backup and restore with BackupBuddy.
3. Use trusted sources for themes and plugins.
Use the WordPress.org theme and plugin repositories, and make sure to pay attention to the rating, downloads, update frequency, and the community sentiment in the related support threads. Always check for programmers do make mistakes when upgrading. I google a plugin and check news prior to activation.
4. Use a secure password.
Use combinations of letters and numbers, don’t use passwords that are easy to guess, and don’t use the same passwords. Websites like strongpasswordgenerator.com and goodpassword.com are good places to start.
5. Use a quality hosting provider.
I use DreamHost, but others recommend Flywheel and and WP Engine. Just as in the case of plugins, management changes and programming mistakes happen. Check the boards and news. Web hosting is an ever changing industry.